1. Examine your own website
Websites are often ordered from companies that specializes in creation of both website design as well as operation of it; therefore, there are cases where the owner of a website is not aware of which particular information is being collected from the visitors of the website.
It is also important to know if and how your website interacts with other websites. The interaction may occur in very different ways. For example, dissemination or reception of advertisements, or an option for users to make comments and use hash-tags. In these cases, there is a possibility that you keep transferring certain personal data to third parties.
2. Know where your website is functioning
Different countries may have different requirements applicable to personal data processing. In that case, if, for example, individuals form Lithuania, Latvia and Estonia can make purchases from your online shop, you should check whether the same privacy provisions are relevant in respect of all the Baltic States.
3. Obtain person’s consent is a must
Personal data is not limited to the data specifically identifying the person (person’s name). It may be virtually any information relating to the individual. The information provided to the visitors of the website about collection and processing of their personal data must be clear and easy to understandable. Consider who are your customers and acquire their consent in the language they understand.
4. Know what kind of cookies you are using
Cookies are small text files that are stored in a hard drive of computer (or other device), in order to enable website’s administrator to identify the visitor’s device. If the data from cookies is collected and combined with other information appropriately, it is possible to identify – with a high accuracy – the person, his hobbies and the environment that surrounds him/her.
Specific rules of personal data protection apply only to the cookies, which are not strictly necessary for a website. Therefore, it is important to draw attention to what activity is carried out and what information is obtained by using cookies.
5. Let people to “be forgotten”
Collaborate with customers and provide them with a possibility to be acquainted with the processing of personal data and allow them to refuse processing of their data (with the exception of the strictly necessary cookies!).