GDPR - Privacy Policy
The purpose of the European General Data Protection Regulation (GDPR), which has been in force since 25 May 2018, is to strengthen the rights to the personal data of all persons residing in the European Union. As a result, companies and organizations that manage personal data need to be compliant and properly prepared to operate within the privacy policy.
GDPR Compliance
Actions on the site for the security of personal data, based on the new European regulation 2016/679:
All forms on the site should include fields that the user checks to state that they agree to the storage and processing of their data by your company.
The terms of use must state that each user has rights to the personal data entered on the site and that the site provides easy procedures for exercising them. Also, if the site sends personal data to third parties (Google Analytics, AdWords, etc.), you should state this in a prominent place and ask for the user’s consent.
The site should use an SSL security certificate to ensure that the communication between the site and the user is encrypted, to better protect the personal data entered by users on your site.
The site newsletter should include functions for additional consent for the possession and processing of the personal data that you hold. Routines should also be created for deletion from the newsletter lists displayed on the site. Finally, registration in the newsletter lists will be done with the double opt-in process.
If your site uses cookies, you must notify visitors when they enter the site and ask them to accept their use. The site should clearly give users the right not to accept the installation of cookies and should not store cookies in this case.
The personal data stored in the database of your site should be encrypted so that anyone who gains access to the database (e.g. through a hack) cannot obtain the personal data from it.
Mechanisms should be created for sending a customer's personal data held by the site upon request.
Changes must be made in the guest accounts so that when an order is completed, all the personal data of the customer is automatically deleted.
In the management of the site, different levels should be created, each with different access to personal data, to ensure that each management user has access only to the personal data that is necessary.
Site users should have the right to completely delete their account and details from the site.
Once all the above actions are done on your site, our company will give you a certificate of compliance of the site with the European regulation for the protection of personal data.
Hosting/Server Protection
At the server and hosting level, our company already offers you the following services for the protection of personal data in all hosting packages:
Ability to encrypt emails via PGP, if the sender and recipient support it.
Possibility of encrypted communication for incoming and outgoing emails, if the sender and the recipient support it.
Possibility of encrypted communication for the sites, if activated.
Protection against brute force attacks on webmail, control panel, IMAP, SMTP, POP3 and FTP.
We offer tools for encrypting site files, emails and databases.