Navigate back to the homepage

What we should do for creating GDPR compliant websites/apps

October 5th, 2020 · 1 min read

[Photo by Paulius Dragunas on Unsplash]

I am creating a Chrome Extention and website as the main project for practising React.

On the way, I learnt I should implement policies and thought…

“Is it alright just do it🤔? I am creating them in English.”

This research made me wander around on a bunch of websites and books because I was not able to find a piece of covered information well!

Below is a brief summary and I might update later.

What is personal data in GDPR?

Not only name, address etc but also includes IP addresses.

Reference : What is personal data?

What to do for creating GDPR compliant websites/apps

  • implement a privacy policy

  • implement functions (delete / correct / export personal information)

  • check age(need parents’ agreement under 16)

  • keep data minimum (recommend: secure data management)

  • set term for keeping data

  • get agreements from customer (use deferent way depend on the data)

    • cookie banner

    • checkbox

  • appoint a DPO(Data Protection Officer) *for not all entity (ex: for entities who deal with large personal data)

  • representative in GDPR applied area if you are not in there

    *might be needed for google analytics even if anonymize IP address due to the technique of data processing

  • encrypt personal data (recommended)

“I have nothing to do with it!”

It would be the most case so.

It might help you if you are going to work in a large business or an expected firm and avoid to be laid off by GDPR fines or you want to follow the law.

  • check GDPR and the others if you create something in English (I also need to know more)

  • check about the law in your area (There might be a special law and it might be applied even if you create something in the not local language.)

  • ask a lawyer

What I will do then

I found out that there is a way to restrict the GDPR applied area by IP address or show the target customer on a website to avoid it.

It seems not possible to restrict IP by Netlify or Vercel.

I will just show my target customers on the page as the first stage of publishment and it would be the easiest way!

It is best to ask a lawyer, though😅

Let me know if I was something wrong or there is something else need to know from twitter.


Creating something by React.

More articles

How do you learn? Change the approach variously

Every person would differ how to learn something. I wrote about in my case.

September 5th, 2020 · 1 min read
© 2020 webiroha | Created by Gatsby theme
Link to $ to $ to $