Making Sure Your Website is EU Compliant

For those who wish to run a website in the EU, making sure your website is EU compliant should be a top priority. There is a lot to look at, so where do you start?

Online visibility for your business in the European Union is every bit as important as it is in the US. There are over 500m people in the EU, so it can be very hard for a business to stand out.

Is your website EU compliant?

If you're a US-based business, you might be thinking, who cares? Well, you should if you plan on doing business internationally. The EU makes up a huge portion of global retail sales. As such, standards (and expectations) are pretty high. With that in mind, it is absolutely essential that you make sure your website is fully EU compliant.

The latest General Data Protection Regulation (GDPR) laws have been in place since as far back as May 2018. Businesses in the EU (or trading in the EU) are expected to meet these new compliance regulations. GDPR is something that you must learn to understand, as it will play a key role in your business operations within and across the EU.

You can learn more about the latest GDPR changes here or by studying the infographic below.


1. Edit all of your contact forms

The first place that you must start is to take a look at your contact forms.

Every website that has a contact form and is targeting EU nationals will need to make sure it is GDPR-compliant. To do that, you need to take a particular look at your online contact forms. For now, any EU-compliant form will need to clearly tell the user why you want that detail from them. Simply asking for it is not enough: tell them what you are going to be doing with that data.

After all, it is their data. You should be making it clear why you want that data. Why are you asking for their phone number or e-mail address? Tell them why. You should also look to install a tick box for users to agree to, confirming they accept your website terms. Unlike in the past, you cannot force someone to agree. They do not have to agree to your requests. They might also be given the chance to say no to getting more information and communications from your business. More importantly, this must be unticked by default: a failure to adapt to this could be expensive.

2. Perfect your privacy policies

Every business that has a website in the EU is likely to need some form of privacy policy.

Without a privacy policy, you are running a lot of risk as a business owner. Any active website, by EU/GDPR regulation, must now carry a full privacy policy. It should break down what data you keep, why you keep that data, and how you intend to use that data as time goes on.

For example, will your website be sending enquiries to other partners? Or other firms? Then you should definitely make sure that anyone who is using your website is made aware of that. You should not wait around, as making a mistake with a privacy policy can be quite expensive. We recommend that you take a look at some helpful guidelines from the ICO, which should go some way to keeping you on the right path.

Privacy policies were once seen as just another way to fill in text on your site. Today, with EU regulation, you absolutely must get this right. A failure to do so could see your website targeted, or put under the risk of having to close: open, transparent privacy policies are essential.

3. Be more open-minded with e-mail marketing

If you wish to run an EU-compliant website, then you must take better care of how you go about managing your e-mail marketing.

GDPR is partly to do with keeping our e-mail inboxes spam-free. If you wish to e-mail someone, you must have the permission to do so. Otherwise, it is deemed to be unsolicited and thus could be a problem for you in a legal sense.

So, you should decide what kind of messages you wish to send. Be more open-minded when it comes to your e-mail marketing, as you might get a real shock as to how vulnerable your present setup makes you. Be sure to ask everyone whether they are still opted in, and make it super-simple for people to subscribe and unsubscribe. The easier you make this, the more likely you are to see some positive responses arrive in the near future.

Be sure to look at your e-mail marketing. It’s a major part of running a business in 2019, but it also has to be in line with present EU regulation.

4. The right to be forgotten

This has become a cornerstone of EU credibility in the internet world.

If you are running a website, you have to be able to give someone the chance to be forgotten by your business. This means having a system in place so that, within a short period of time, anyone who asks your business to remove their information can have it removed more or less right away.

You should look to speak with your web hosting firm and make sure they can make it easier for you to access such information. You should have a system set up, too, where people can easily contact your business for more information about getting removed from your systems. All data must also be stored in the EU, so make sure you are using data servers and handlers who meet this geographical requirement.

In the past, there have been some interesting discussions about EU-wide internet readiness for GDPR changes. While many are still scrambling to adapt, you can get ahead of the chasing pack by following on from our ideas above. Do this for long enough, and you will make your website EU-compliant. Fail to try to implement any of the above, though, and your website could be under significant scrutiny before you know it.

[GDPR infographic]