What is GDPR?
GDPR is the EU’s culmination of four years effort to update data protection for the 21st century. It will replace the Data Protection Act of 1998 in order to give people much more control over how organisations use their data. Organisations that fail to comply with the new rules or suffer from data breaches will be awarded a large financial penalty.
The introduction of GDPR represents the European Union’s desire to rectify how large organisations use (and occasionally abuse) people’s data, which has been given in exchange for a free service. The ongoing Cambridge Analytica scandal highlights the dangers of granting access. But GDPR also offers more clarity surrounding the legal environment that dictates how organisations can behave.

Does it apply to you?
If you process, store or transmit the personal data of EU residents’ including UK residents, then GDPR applies to you and you must comply with it. Personal data can encompass many identifiers including but not limited to, name, I.D number or location data. GDPR applies to two main types of organisation, the ‘controllers’ who must state how and why personal data is being processed, and ‘processors’ who actually process personal data.
If your organisation collects personal data through passive consent (opting out rather than opting in) then you must firstly change the way you acquire it. ‘Controllers’ must then keep a record of how and when individuals gave consent, which may also be rescinded at the individual’s wish.
GDPR is already required for businesses and organisations; however the deadline for making appropriate changes is 25th May 2018.

How can we help?
GDPR is a minefield, and knowing whether GDPR applies to you is difficult to understand let alone being able to identify the changes you need to make to comply. Whilst we are not experts in the field, we know people that are. If you think GDPR applies to you we are happy to put you in touch with one of our expert contacts. They will advise you on the changes you need to make to fully comply. Fluid Studios are happy to discuss the changes they recommend, and do these for you; however charges will naturally occur for website changes.
Remember the deadline is 25th May 2018 and organisations that fail to comply by this point will face hefty penalties. We strongly recommend you seek the help of our GDPR experts and ask us to make the necessary changes well before this date. It is down to the organisation to make the changes to comply, and whilst we will strive to fit you in around our current work, we may not be able to help if you leave it too late.

Technical Information / FAQs

Is my site compliant?
We are unable to confirm that your own site or business is compliant. We can give you as much information as we have about our websites and hosting, but you will need to make the decision for yourselves on your own compliance.

Who provides my hosting?
Shared Cloud Hosting / Value Package - This hosting package is supplied by Heart Internet. More information on their services can be found below. If you do not know which hosting service you have with us, it is probably this one. You can find out about their hosting systems, security and SSL certificates here.

VPS Hosting - Our VPS services are supplied by Nimbus Hosting, Tagadab and Smart Hosting. If you use VPS hosting, please ask us which provider you are with and we'll try to provide you with the technical information you need.

Where is my data stored? What security is in place? Who provides the SSLs?
For most of our hosting customers (Who use our most popular 'Shared Cloud Hosting / Value Package'), all of these answers are on our providers website, Heart Internet.

What cookies does my website use?
Nearly all our websites use Google Analytics to record how users interact with the website. The exact names of these cookies can be found here.
If you have a CMS, the website will use a cookie to see if you are logged in to it. Your website may use other cookies if you have any of these services: eCommerce (for basket / login functions), user accounts (session cookies for login functions), live chat, hotjar tracking, social media page share buttons and any other 3rd party integration.
There are a few websites that can tell you what cookies you website is using such as http://www.cookie-checker.com/ (they can take a few minutes to analyse). There are also browser plugins that do the same.

What is your own GDPR policy?
Fluid Studios Ltd complies with all data protection laws applicable to its operations. We see GDPR as helping to maintain the privacy of our customers, and we’re working towards compliance as appropriate and necessary.

We store data as needed to manage and run your account, including for accounting, service configuration, and other reasons. You can see our Privacy Statement here.