GDPR and your website.

GDPR website compliance requirements will soon be mandatory, and you should now be taking the necessary steps to bring the security, transparency of your use of data and visitor consent options for your website in line with legislation.

As part of this process we are recommending that you take the following steps as a minimum for your website.

Website Steps for GDPR Readiness

  1. An audit of the all the data that is collected about visitors on your site, including both personal and non-personal data, and making a note of any external companies or third parties that may also play a part in storing, using or processing this data.
  2. An update of your Privacy Statement that outlines to your visitors the details of how you track, store, process and use their personal data, as well as details of how you may pass this data onto third parties.  Within your privacy statement should be details of how your visitors can opt out of having their data used, get a copy of their data or request for their data to be deleted.    

  3. Increased Site Security, including use of an SSL certificate and software to protect your site from data theft and hacks.  Although no site is 100% safe from hacks, you should show that you are doing all you can in this respect.  Addition of an SSL certificate is a task that needs completing by someone with knowledge on how to do this without compromising your performance in search engines.

  4. An update of all instances where your site asks your visitors to opt in or give their consent for their data to be used.  For all personal data a “soft opt-in” will no longer be enough for your GDPR website compliance requirements. Wherever you ask for or track personal data from a visitor to your site, you will have to explain exactly how you will intend to use that data at the point that they give it to you and gain “explicit" consent for all the different channels and ways with which you intend to use that data.

Typical Prices

*Prices may vary depending on complexity of site.

GDPR Website Ready Package


Audit of site data collection points and identification of third parties; creation of revised GDPR-compliant privacy statement; development of consent points to meet GDPR requirements.

HTTPS Migration Package


Addition of SSL certificate and associated required activity to minimise impact on search performance. View our separate document that outlines the steps you should take for adding an ssl certificate and the https migration process

Any recommendations or activity that we carry out in this respect does not constitute legal advice, these steps are merely our recommendations based on our understanding of the forthcoming legislation.  Adherence requirements may alter as understanding and application of GDPR develops in the marketplace.  You are legally responsible to ensure your company’s adherence to GDPR.  This activity does not cover your overall responsibilities as a company owner and/or data controller and you should ensure that you are compliant in this respect by seeking the correct guidance.  


  1. You should also take this opportunity to confirm consent for existing lists for which you don’t have a record of their consent to contact them.  This is part of your GDPR website compliance requirements.

  2. If you work with a third party agency ensure contracts with your marketing data processors, such as your marketing or web design agency, and they process or have access to any customer data, then you will also need to issue them with a contract as a data processor that covers all of the areas required by GDPR.

You have until 25th May to be compliant with the GDPR.  If you haven’t taken steps already then you will need to act quickly.  At CX Marketing we can help to complete these specific tasks with regards to your website.  Contact Us today.