Website GDPR Audit

Website GDPR Audit

Full compliance of websites with the data protection regulatory framework has become, undoubtedly, a key priority for European supervising authorities, given the significant number of million-euro fines imposed on website owners for illegally processing personal data, while a new practice is now the banning of websites that have compliance gaps. It should be noted that the Greek supervisory authority carries out remote audits without the interested party being aware of it, the latter receiving a letter with reference to the gaps identified by the national Data Protection Authority and a specific deadline given for compliance.

The GDPR has significantly increased the legitimacy requirements of websites, affecting all digital activities, including first and foremost e-commerce activities, but also email marketing and social media interaction, which in many cases proves to be particularly important.

Improper and inadequate management of a website can jeopardize the reputation of any organization and lead to fines and possibly suspension. The most important gaps observed in the management and operation of websites, are usually the following:

  • Installation and use of cookies without properly informing and without obtaining the consent of the website visitor.
  • Inadequately informing the data subjects and sending promotional emails without obtaining proper consent at the time and in the manner required.
  • Improper registration process for online services.
  • Insufficient password control mechanism.
  • Inadequate and incomprehensible information provided to customers about the processing of their personal data.
  • No update of the Terms & Conditions that govern the operation of the website.

Andersen Legal has one of the most experienced teams of Data Protection Experts, who have performed numerous compliance projects and compliance audits.

Our team is the most suitable to guide you in the steps you need to follow in order to make your website comply with the applicable legal framework.

Step 1: Contact us to plan a Website Audit

Step 2: Compliance audit in the light of Regulation 679/2016 (GDPR) and Law 3471/2006 on data protection in the field of electronic communications.

Step 3: Website Audit Report with the outcome of the audit and the proposed, necessary and optional, actions, to make your website comply with the legislation and avoid problems with unpredictable consequences.