If you are planning to launch a startup in Canada (or have already started a business there), you may think that European law doesn’t apply to you, but that is not always the case. If your company has a website, you operate in a global business environment: your website can easily be reached by citizens of the European Union. So, if you track the online activity of EU residents, you should comply with the GDPR. If you provide services or sell goods to EU residents, even if your company is based in Canada, you should also comply with this law.
GDPR stands for General Data Protection Act, which took effect on May 25. Starting from this date, all websites that fall under the law should comply.
What should you do to make your website compliant with GDPR?
Make sure you have a cookie-warning banner. It should be easy for your visitors to notice and should include a section explaining how cookies are used. You need to ask users for their permission to use cookies instead of just stating that you use cookies on your website. You should also provide your visitors with brief information about cookies and the ways you use them on your website.
You should also be prepared to delete any personal information about your visitors upon request.
Google Analytics uses a cookie to track website visitors’ behavior, so if you use Google Analytics on your website, don’t forget to make the necessary changes related to this service.
You should avoid information leaks by all means. Carefully check your firewall settings, antivirus protection, SSL certificate, and other security measures. Your website, your computer, your server and all of your storage devices must be protected from any unauthorized access.
You can also create an internal company policy related to the GDPR that will help you, your company and your employees stay compliant with the law.
If you use newsletters in your marketing strategy, you should review your email marketing system thoroughly. Canadian and European anti-spam laws are among the strictest in the world, so you should be aware of all the pitfalls you can face when sending newsletters. Double opt-in, voluntary sign-up for your marketing emails, a non-abusive marketing strategy, and the use of trusted marketing automation platforms are important for avoiding lawsuits.
In this article, we have provided basic information that can help you stay GDPR compliant, without going into technical details. You should do additional research related to your specific business and your target market. The best way to avoid any unpleasant surprises related to this law is to plan a set of meetings with a website developer, an email marketing specialist and a business lawyer. They can analyze your company and provide you with the most effective solution that best fits your company’s needs.
Stiverne law firm specializes in business law and can help you legally cover your business and keep your company out of legal battles.
To find out more about GDPR, we invite you to read this article: