Helpful guidelines to GDPR on your business’s website.

Disclaimer: This article is not provided as authoritative legal guidance. Gem Internet does not accept any responsibility or liability that might occur directly or indirectly as a consequence of the use, application or reliance on this material.

Here are some helpful guidelines for businesses to follow to help them in making their website more compliant with the GDPR Data Protection regulations that will become enforceable after 25th May 2018. This is not a complete guide for all data protection best practice, but helpful guidance in respect to how to ensure a website can become more compliant.

The General Data Protection Regulation (GDPR).

GDPR is in place to make sure that businesses that store a user’s data do it in a secure & proper way. It’s about looking after the information you, as a business, hold about other people and how it’s used.

The questions you need to review:

It should start with a data risk assessment which is not limited to just the data revolving around a website but the whole business’s practices. You should address the following questions about your website:

  1. What data is being captured and held?
  2. When and where is it captured?
  3. How long will the data be stored?
  4. How is it being used?
  5. Do you have explicit consent from the user to have and use the data?
  6. Do you display who to contact to find out what data is held about a user and request how it’s being used?
  7. Do you display the process for a user to ask to have all the data you hold about them permanently removed from your system? (The Right to be Forgotten)

You must prove you have been given explicit consent to hold the data and what it will be used for.

The user must be able to withdraw consent at any time.

Organisations need to make sure they:

  • Have a data breach process
  • Appoint a Data Protection Officer (DPO)
  • Have a ‘Right to be Forgotten’ process (also known as Right of Erasure)
  • Have good default privacy settings
  • Improve data encryption and work towards storing user profiles as pseudonyms

Compliant connected systems: Google, Mailchimp, Salesforce, Facebook etc

You need to make sure that your processes and policy clearly state which third-party data processors you use and where a subject’s data is passed to.

The website GDPR compliance guideline checklist:

As an organisation you need to make sure you are registered on the ICO (Information Commissioner’s Office) website as a data controller (you may also be a data processor, too). Go to https://ico.org.uk/for-organisations/ for more information.

The website checklist:

1. Cookie policy

A page on your website that states what cookies are used on the site, both yours and those from third parties, what data you capture with them and what you do with it.

2. Cookie & privacy popup notice

The easiest way to handle this for most website owners is to provide a simple explanation that users can clear and block cookies on their browser settings.

3. Privacy policy

A privacy policy is a more thorough document that gives the website owner’s full statement of what data is captured, when it was captured, what the data is used for, the third party’s details, and the process by which a user can request the details held about them and request that they be permanently deleted.

4. SSL certificate

The purpose is to securely encrypt all the details that are sent through any forms or fields on a website.

5. Pseudonymisation or anonymisation

As part of GDPR, ‘pseudonymisation’ means that websites will need to start moving towards the users being identified by a username only.

6. Newsletter signups

You need to make sure the tick box that handles this subscription is set so that the user has to opt in, not opt out. Make sure the emails you send out all have an unsubscribe link, too.

7. User account creation

If your website is an online shop or allows a user to set up an account for access to services behind a login area, you will need to ensure that you have SSL installed and also start work towards the data being stored using pseudonyms.

8. Payment gateways

If you have an ecommerce website and use one of the popular payment gateways, such as PayPal, Sagepay, Worldpay or Stripe, you need to make sure that the payment gateway privacy policies are checked and referenced in your own privacy policy.

9. Enquiry & contact form

If your website has an enquiry form for people to send you messages, you need to ensure the following are adhered to:

  • The website has an SSL
  • The details are not stored in the website’s SQL database unless stored encrypted
  • If they are sent to you by email, your email service provider adheres to GDPR rules and that the email is stored and sent according to GDPR secure methods
  • No pre-ticked boxes to automatically sign the enquirer up to a newsletter or mailing lists

The enquiry is explicit to that instance. You cannot then add the user’s details to your marketing database unless they have explicitly agreed to it using a separate tick box.

10. Live chat

If you have a live chat service on your website, you need to make sure that you refer to this third-party service in your cookie policy and privacy policy.

11. Email

Whilst not strictly website-related, all email services, and the storage of email from everyone with whom you are connected, must be handled in accordance with DPA (Data Protection Act) & GDPR guidelines.

12. Social media account connection

Using social media sites for your organisation also falls under GDPR.

You also need to make sure that your privacy policy refers to these third-party data controllers, especially as people use SSO (Single Sign-on) to log into sites with their social media account logins for convenience. You also need to ensure that, if you use the details of your customers or connections on your social media page to promote your business, you have their consent to do so.

13. Google Analytics (and any other user tracking systems)

If you run Google Analytics on your site (or other tracking services) you will need to make sure that it is referred to in the cookie policy and the privacy policy. You must also enable the anonymisation option in Google Analytics to properly conform to GDPR.

14. A CRM connection

If your website captures users’ data and then writes it into a CRM, you need to make sure that the data collection process is secure, and that you refer to the third-party service in your privacy policy.

Improve your website online security and search rankings with HTTPS across your website

What are the benefits of using SSL on your website?

  • Help to secure your login forms to admin areas
  • Help to protect sensitive private data
  • Give your users added confidence in your website
  • Help to improve your website search ranking on Google search results
  • Prevent website spoofing
  • Help to protect credit card numbers

Turn on HTTPS everywhere on your website to give your users a constant, encrypted connection online, not only when they are on login pages. Users trust secured sites and major search engines even improve rankings for pages secured by SSL.

Order an SSL certificate for your website hosted with Gem Internet now or read more about the benefits of SSL certificates here.

Top 10 reasons your business has to be on social media

If you run a small business, you’re most likely busy enough without having to think about setting yourself up on social media. But understanding the benefits you can gain from doing so should make you think again about the importance of having an active online presence.

Having a website is no longer enough. Facebook now has 1.44 billion monthly active users, and Twitter has 302 million. Your business needs to be sourcing from and interacting with this amazing customer pool. Not doing so makes no business sense!

Getting your message out there is essential, and social media is the perfect platform to do this

Having active social media accounts allows you to:

  1. Have a public presence which is easily accessible and readily seen.
  2. Update and inform your customers on news, changes, events and promotions. Repeat custom is big business too!
  3. Engage with your customers in a way no other platforms allow.
  4. Become part of a social media community: support and be supported by other businesses.
  5. Spread the word about your business and enhance your brand awareness.
  6. Run promotions and competitions which require sharing, thus ensuring you are seen by even more people.
  7. Send potential and existing customers to your website.
  8. Lead trends, show authority and knowledge in your field and represent your company.
  9. Show up in search engine results – not only for your company but for targeted searches. You will get more traffic to your website from search engines and from the social media accounts.
  10. Learn from your customers, see what works, and what information is of most interest.

Being on social media offers a unique chance for you to connect with your customers on a personal level. Social media allows you to have a tangible presence and be seen and heard by your customers. Interaction is key: you need to attract and interact with your customers, inform and entertain. But it’s not difficult. If you understand your business, your target market, and your industry, you can use social media to hugely benefit you.

One important point to remember is that social media is free! It requires no investment other than time, unless of course you are short on that and would rather pay someone else to run your social media accounts for you.

Make sure your website is mobile-friendly by April 2015!

Google is just about to change the way its search algorithm ranks websites. Starting on the 21st of April 2015, mobile-friendly websites – websites which resize to fit the screen they’re viewed on, and which are designed with large, easily clickable links, among other features – will be ranked higher than sites which aren’t mobile-friendly when users search for something from a smartphone or tablet.

Google’s changes in search ranking won’t be insignificant, either. In a blog post announcing the changes, Google stated that they will “have a significant impact in our search results.”

The end result, Google says, is to make it easier for their users “to get relevant, high quality search results that are optimised for their devices.”

With more than 60 percent of search traffic pouring in from mobiles, small businesses – especially ones dependent on local searches – need to ensure they’ve made the necessary changes so that their sites aren’t penalised by the new search engine ranking system.

To help businesses, Google has provided companies with a guide to creating mobile-friendly websites as well as a test to see whether or not the website passes as mobile-friendly.

If your website isn’t optimised, it needs to be. Get in contact with Gem Internet to find out more and let us get your website seen by more people!


New website launched

We have just launched a new website for the Chepstow Cosmetic Clinic in Chepstow, Monmouthshire. They specialise in non-surgical cosmetic treatments. Their service is second to none & they needed a new website to represent their excellent business. They provide Botox in Bristol, Mole removal, Skin tag removal & laser skin cosmetic treatments.

We built them a CMS website so that they can edit the content of the website themselves. We also provided them with an onsite SEO package to help them to rank higher in the search results for the local area.

Check out the new website here: http://www.chepstowcosmeticclinic.co.uk/

Why a poor quality coded website will rank lower in search results

You might think that all websites are born equal. Looking at them in your browser you may not be able to tell a bad website from a good one & why would you? The search engines, however, see things slightly differently.

A poor quality coded website will have, amongst other things:

  1. Poor HTML/CSS coding
  2. Bloated (extra) code
  3. Non valid markup
  4. Too much code & too little text
  5. Deprecated HTML
  6. Large un-optimised images
  7. Broken links
  8. Not mobile optimised
  9. Duplicate code
  10. Missing META data

Many website providers are happy to supply websites which may have all of the above!

Web users are now accessing websites through a variety of different browsers & devices & having errors in the website’s code can actually break a website on a user’s browser, which results in a swift exit from the user.

The search engines will show a properly coded website before displaying a poorly coded website in order to give their customers the best experience & deliver to them a higher quality result.

This all makes sense as Google always wants to deliver the most relevant results first.

If you think your website is ranking lower than it should we can check your website to see if you could benefit from our SEO services and get your website back on track, just get in touch today!


Google warns of poor search rankings for non mobile websites

Google has been altering its search results to improve the mobile search experience for its users.

One of the latest changes is showing a “mobile friendly” tag in the search results next to the listing of any website that has been checked to display correctly on a mobile device.

To check if your website earns this status you can use the mobile-friendly website test tool.

Google has even started sending warnings to webmasters to inform them that their website is not mobile friendly!

If Google sees your website displaying or functioning incorrectly on a mobile they will email your webmaster account with a warning that your website may not rank as well in the mobile search results.

Needless to say, these search results are very important to all businesses online. This underlines the need to have a mobile friendly website; it’s not optional these days if you value your SEO rankings.

If you would like a new mobile friendly website, or to discuss your SEO please get in touch to see how we can help you.

 

Happy New Year to all of our customers

We hope your websites have served you well through 2014. We will be continuing to provide all of our clients the best service & website options we can through 2015! It should be an exciting year as we will be offering a range of new services to push your online presence to the limits.

So stay tuned & happy new year!

Why is SEO so important for your business website?

If you have a brilliant website but nobody can find it, or if your competitors are ahead of you in the search listings then you need search engine optimisation (SEO) to help your business to grow.

Even if your business is being found, the chances are that we can provide you with even more customers & which business doesn’t want that!

Search engine optimisation is an ongoing service which includes many different factors to ultimately increase the number of visitors & conversions your business can achieve.

While it is possible to optimise your website’s code alone, there are now so many factors that affect your website ranking that we provide an ongoing monthly SEO service to our clients to help their ongoing market strategy.