GDPR and your website.

In line with the forthcoming GDPR website compliance requirements, you should be taking steps to improve the security, transparency of data usage and visitor consent options for your website.

As part of this process we are recommending that you take the following steps as a minimum for your website.

Website Steps for GDPR Readiness

  1. An audit of the visitor data that is collected on your site, including both personal and non-personal data, and logging any third parties involved in tracking, processing, storing or using this data.
  2. An update of your Privacy Statement to include this information, outlining how and where visitor data is taken and who is tracking, processing, storing or using this data, including third party providers and processors.  You should also provide details of how visitors can opt out of their data being used, as well as options to provide them with a copy of their data or delete any data held.   

  3. Increased Site Security, including use of an ssl certificate and software to protect your site from data theft and hacks.  Although no site is 100% safe from hacks, you should show that you are doing all you can in this respect.  Addition of an ssl certificate is a task that needs completing by someone with knowledge on how to do this without compromising your performance in search engines.

  4. An update of your opt-in and Data Consent options.  For all personal data a “soft opt-in” will no longer be enough for your GDPR website compliance requirements. Whenever you intend you use personal data given to you by a visitor to your site, you will need to explain how you intend to use that data and obtain explicit consent from them to do so.

Typical Prices

*Prices may vary depending on complexity of site.

GDPR Website Ready Package


Audit of site data collection points and identification of third parties; creation of revised GDPR-compliant privacy statement; development of consent points to meet GDPR requirements.

HTTPS Migration Package


Addition of ssl certificate and associated required activity to minimise impact on search performance. View our separate document that outlines the steps you should take for adding an ssl certificate and the https migration process

Any recommendations or activity that we carry out in this respect does not constitute legal advice, these steps are merely our recommendations based on our understanding of the forthcoming legislation.  Adherence requirements may alter as understanding and application of GDPR develops in the marketplace.  You are legally responsible to ensure your company’s adherence to GDPR.  This activity does not cover your overall responsibilities as a company owner and/or data controller and you should ensure that you are compliant in this respect by seeking the correct guidance.  


  1. You should also take this opportunity to confirm consent for existing lists for which you don’t have a record of their consent to contact them.  This is part of your GDPR website compliance requirements.

  2. If you work with a third party agency ensure contracts with your marketing data processors, such as your marketing or web design agency, and they process or have access to any customer data, then you will also need to issue them with a contract as a data processor that covers all of the areas required by GDPR.

You have until 25th May to be compliant with the GDPR.  If you haven’t taken steps already then you will need to act quickly.  At CX Marketing we can help to complete these specific tasks with regards to your website.  Contact Us today.