Connect with us

Hi, what are you looking for?

Editor’s Pick

GDPR compliance: An overview and check list

Most active websites on the internet are running on cookies and chances are that the website where you have found this article has already set a few cookies on your browser.

Though some cookies are essential for making a website function properly, most of them are statistic and marketing cookies that are utilized for their business development qualities.

On May 25th, 2018, the most significant data privacy law in 20 years was enforced: The General Data Protection Regulation (GDPR). The GDPR was created to give individuals control over how their data is used and to protect their rights. In addition, it was also created to set strict regulations for how website owners handle personal information collected from their visitors. Keep reading for a short introduction to cookies, the GDPR, and how to become compliant.

What are cookies?

Cookies are a type of tracking technology designed to collect information about website users. Cookies were developed in the early 90’s and their name were inspired by fortune cookies, as both types of cookies share a similar concept: They are both structures that contain a message.

Cookies can be separated into four categories: Necessary cookies, preference cookies, statistic cookies, and marketing cookies. Necessary cookies enable basic functionalities and are thus essential for a website to operate. Preference cookies enable websites to remember your preferred settings, e.g., language. Statistic cookies collect and report user data anonymously. Their purpose is to help website owners analyze and understand how their visitors engage with websites. Lastly, marketing cookies are used to track end-users across websites. The purpose of this is to perform targeted advertising through relevant ads.

Cookies can collect everything from seemingly trivial information such as technical specifications of a device to very sensitive information such as sexual orientation. Despite this, cookies are not an evil technology, as they are nothing but small text files that collect bits of data. It is what you can do with the data that is up for moral discussion.

What is the GDPR?

The General Data Protection Regulation (abbreviated to GDPR) is a data privacy law that regulates how companies and organizations manage personal data. The purpose of the GDPR is to give end-users control over how their data is used and to hold companies and organizations accountable for their data handling procedures.

As such, the GDPR sets strict conditions for transparency, documentation, and user consent. The GDPR applies to every website that has visitors from the EU – the organization behind the website does not to be physically located within the borders of the EU.

If the GDPR applies to your organization and you fail to become compliant, then you risk hefty fines of up to EUR20 million or 4% of your organization’s global yearly turnover. The GDPR was enforced on May 25th, 2018.

How do I become compliant?

If your website falls under the regulations of the GDPR, you should immediately take action to become compliant. By protecting your users’ privacy, you also protect your own business from fines and a bad reputation. The following 6 steps describe the actions that must be taken in order to become GDPR compliant.

Step 1: Get prepared

Present stakeholders across your organization with the requirements of the GDPR. Create principles for cyber security and privacy design. If your organization employs 250+ people, you are obligated to assign a Data Protection Officer (DPO).

Step 2: Assess your data

Get an overview of where all your data is including who has access to it and on which devices. Find out where personal information is processed, including third party processors. Write down reasons for lawful data processing and update your privacy policy with this information.

Step 3: Assess service providers

Ensure that service partners are also compliant with the GDPR. You are not only responsible for your own organization being GDPR compliant but must also make sure that partners follow the regulations of the GDPR.

Step 4: Get consent from users

Install methods for obtaining and recording consent, e.g., via an automated cookie consent popup. You must always provide options to revoke or change a consent.

Step 5: Formulate procedures for responding to data rights

Establish procedures to enable your organization to handle privacy inquiries, e.g., data deletion, from both customers and employees.

Step 6: Formulate a plan for data breaches

Establish procedures to detect, investigate and report on data breaches to meet the GDPR’s 72 hour-deadline for notification.

Read more:
GDPR compliance: An overview and check list

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!



A market vendor arranges assorted vegetables inside the Quinta Market in Manila, Sept. 19. Vegetable prices continued to rise in November. — PHILIPPINE STAR/...


More policemen are deployed in Divisoria, Manila as the shopping area is expected to draw bigger crowds ahead of the holidays, Dec. 1. —...


PHILIPPINE STAR/ RUSSELL PALMA By Arjay L. Balinbin, Senior Reporter A PROPOSED MEASURE seeks to require National Economic and Development Authority (NEDA) Board approval...


BW FILE PHOTO THE MANAGEMENT ASSOCIATION of the Philippines (MAP) is seeking the creation of a public-private sector advisory council for various sectors, in...


UNSPLASH THE HOLIDAYS shouldn’t be used as an excuse to binge-eat, warned a dietitian.  Christmas is just around the corner and with it comes...


MANILA Electric Co. (Meralco) has secured a certificate of exemption from the Department of Energy (DoE) from the competitive selection process (CSP) for the...

You May Also Like


BW FILE PHOTO GROSS BORROWINGS by the National Government reached P2.6 trillion as of end-September as it continued to raise funds to respond to...


REUTERS By Luz Wendy T. Noble, Reporter The country’s foreign exchange buffers slightly increased as of end-October as the value of the central bank’s...


KARASOLAR.COM TENA, Ecuador — Ecuador’s rainforest Achuar people say their ancestors long dreamed of a “fire canoe” or “electric fish” that would let them...


COVID-19 has had a significant impact on the mental health of Filipinos across different groups all over the archipelago. From frontline workers, parents balancing...

Disclaimer: Respect, its managers, its employees, and assigns (collectively "The Company") do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2022 Respect Investment. All Rights Reserved.