This Customer Data Processing Agreement reflects the requirements of the European Data Protection Regulation (“GDPR”) as it comes into effect on May 25, 2018. Laravel´s products and services offered in the European Union are GDPR ready and this post provides you with the necessary documentation of this readiness.
It isn't possible to cover everything you need to know to make your website 100% GDPR compliant. You will need to get legal advice to do so. However, here are some important aspects of your website that you can look after. This will make your website conform to the act more closely.
It is generally a good idea to encrypt traffic to your website. Do this by using HTTPS for your website. There are many benefits to moving to HTTPS. It also gives visitors to your site a feeling of security and trust.
Open your .env file then add the code:
APP_HTTPS=true to enable HTTPS
2. Add a cookie notice
It's necessary to notify users on your site that your website collects cookies.
To enable the cookie go to Settings > Advanced Settings > Cookkie Agreement:
3. Contact forms
Users need to be aware that your site will collect their data when they use your contact form. This is the case with any other form on your site such as a registration form or opt-in form.
Or Booking Submittion form
You can see a tick box so that users can click on it to confirm that they accept your terms of service when they click submit. The tick box is not checked beforehand. Users need to click on it to give explicit consent.
4. Analytics, tracking and remarketing
This refers to any third-party service or plugin you use that collects data. This includes Google Analytics, Google Adwords, remarketing services and e-commerce analytics. For now, we haven't supported it yet, but some suggestions below maybe helpful.
To manage this you need to anonymize the data before storage and processing. Doing so can be complicated if you've manually added Google Analytics to your site. However, you can use a tool or a plugin that automatically connects Google Analytics to your site. Choose one that has GDPR compliance options and can make data anonymization easy.
Finally, Although the GDPR act may seem intimidating, it is actually beneficial to everybody. It aims to prevent future data breaches and protects people and businesses.
It ensures that people’s personal information is not misused. Companies are more vigilant about how they collect and manage data. It also creates more trust in those businesses that do comply with the GDPR act. You can take several steps right away to inform users about how you collect and use data. You’ll be able to implement the GDPR requirements by following the suggestions here and engaging with your users.