The following rows are meant to briefly give you information which are the mandatory things that need to be implemented on your site in order to meet the requirements.
If you have a newsletter to send visitors information about the news on your site and the products inside, you have to ask them specifically whether they agree to receive it. Each form in which consent is declared must be placed with checkboxes, which must be empty. The user should place the checkmark on his own.
When you have different data collection goals, you need to require separate agreement. The correct way to meet the GDPR requirements to obtain the user's consent in this case is to assign a separate checkbox for each required consent.
Apart from the fact that individual data collection objectives need to be clearly stated, it should be specifically indicated if these data will be transmitted to third parties.
You also need to give users an equally easy and quick way to withdraw their consent for each individual type of processing of personal data in relation to each individual purpose you specify.
Most sites use third-party services that, in addition to providing various services for the purpose of user analysis and their behavior, collect a great deal of information that even site owners are not well aware of. Such are Google Analytics, Heatmap tools, some WordPress plugins, and more.
Each time personal information is collected, a link to the information page under point 6 must be provided and explicit confirmation should be sought that they have become familiar with the relevant "Policy Policy". Important! No personal data must be collected from individuals which is not necessary for the purpose of providing the service to the consumer.
When you own online stores, you should not forget that you have the right to collect data for a specific purpose only. In order to deliver a particular commodity, these are two names, a phone number and an address. No personal data needs to be collected from which you do not need. The user must also be informed that this data may be transmitted to third parties (courier company).
Because GDPR pays special attention to data encryption and ways of technically protecting processed data when it comes to websites, SSL is one of the most appropriate ways. Of course, it is always good for the site to have an SSL certificate that will provide additional trust to visitors to the site. This applies mostly to online stores, forums, major online portals, dating sites, and more.
15 Yordan Stubel