Compliance is not a choice, it’s compulsory for your website
GDPR compliance is not just a matter of ticking a few boxes; the Regulation demands that you be able to demonstrate compliance with its data processing principles. This involves taking a risk-based approach to data protection, ensuring appropriate policies and procedures are in place to deal with the transparency, accountability and individuals’ rights provisions, as well as building a workplace culture of data privacy and security.
For many organisations, achieving GDPR compliance will be a year-long journey – if not longer. If you have only just started your GDPR project, it is unlikely you will be 100% compliant by 25 May 2018. However, rather than panic, you should prioritise tackling those areas where a lack of action would leave your organisation exposed. Where an infringement occurs, demonstrating you have made a start could help reduce potential penalties.