Following on last month’s client alert on the topic of the General Data Protection Regulation (GDPR), we are issuing additional recommendations to support your enterprise’s compliance efforts.

The GDPR goes into effect on May 25, and updating how you obtain contact information from website visitors is critical. In this post, we provide tips for updating forms on your website. This advice will help web administrators to comply with the GDPR, and also relieve you of unnecessary data reconciliation in your customer relationship management (“CRM”) system.

Updating Website Forms

If your website contains forms that collect any personal data (e.g., name, company, telephone number, email, etc.), the following suggestions on how form data is submitted will allow you to more easily comply with the GDPR:

1. Add a drop-down field with a standardized list of countries, and make it required that visitors submit their country information when filling out the form

GDPR-country-list

2. Include a checkbox at the end of the form, to allow visitors to opt-in to receive marketing communications

GDPR-checkbox

Please note: This checkbox should not be checked by default.

3. Explicitly indicate on subscription forms that submission includes consent to receive marketing communications

GDPR-communications-consent

4. Incorporate a link to your company’s privacy policy on sign-up forms

GDPR-privacy-policy

5. Update your privacy policy page with appropriate language

Compliance with the GDPR can be confusing, particularly when it comes to communication. Your privacy policy should be clear. One way to be more certain that yours is properly updated is to review reference materials, like this one from the Information Commissioner’s Office, on privacy notices under the GDPR.

Summary

The above are suggestions to help your organization be more compliant with the GDPR. (Please note that this information should not be construed as legal advice.)

To ensure your digital properties are in full compliance, please consult with your general counsel and/or outside counsel. Based on that legal guidance, third-party specialists can be helpful in conducting a full website audit and implementing any necessary changes. For more information, please contact our Client Experience team.