Blog

Does my website really need a privacy policy?

First to clearly state: iSeek / Seek Internet Solutions Ltd are not legal experts nor data privacy experts and we have compiled the information below from reading industry news and using our experience as web developers. We make no guarantee that this information will ensure your compliance with any regulations.

At iSeek we are often asked by customers during a website development –
Does my website really need a privacy policy?

The answer is likely yes, you really do.

It is too easy for a business owner to overlooked (or completely forgotten) or leave a privacy policy terribly outdated. But with so many new data privacy regulations cropping up, skipping out on a privacy policy is a high risk and companies are getting fined or into serious legal troubles.

Here are a few examples of regulations that require a privacy policy:

  1. California Online Privacy Protection Act
  2. Privacy Shield
  3. EU General Data Protection Regulation (effective May 2018)
  4. Children’s Online Privacy Protection Rule

Regulations around privacy policies don’t just end at your website: any tool that collects information from your site — such as website analytics, online forms, or chat widgets — will require a policy too. Google Analytics, the most popular web analytics tool has a privacy policy requirement in its terms of use.

And if you’re planning on running any online ad campaigns, both Google and Facebook require privacy policies in place if you’re collecting any user information. This is especially important for Facebook Lead Ads, which require a privacy policy URL link within each ad you create.

And the above is just to cover data privacy for your businesses online activities, most businesses should expend the policy as well to how their business manages their customers data company wide to help better protect themselves.

There are many ways to generate a privacy policy and below are some useful articles to give you a broad overview:

There are also many websites that will help you generate such a policy such as https://getterms.io/ but we advise that these are really only useful for very basic circumstances and often it is too easy to make a mistake or leave essential parts out using such services in our opinion

Also the most common way people generate their privacy policy is to see what their competitors write on theirs and copy the parts they feel are most suitable for them but again this is a very high risk option and without legal advise it can leave your business vulnerable to a fine or legal expenses

Terms, Privacy and Cookie Policy Pages on websites

First to clearly state: iSeek / Seek Internet Solutions Ltd are not legal experts nor data privacy experts and we have compiled the information below from reading industry news and using our experience as web developers. We make no guarantee that this information will ensure your compliance with any regulations.

The following are the 3 most common pages on a website customers asked us for help writing but we cannot. So this guide will explain a little more detail why and what are the possible options

  1. Terms of Service/Terms of business/Terms and Conditions 
    This page is only required legally if you do e-commerce so you can state things like your refund and returns policy
    But a lot of non e-commerce sites also have a page like this and the reason is for your business dealings with others. The website is an ideal place to put a page such as this so that you can always state to anyone complaining about how you do business that you fairly offer and state the terms of our service on your publicly accessible website so had they been unsure of the terms when doing business with you they could have found them themselves – so it can offer a form of protection for your business but this page is not required unless you offer e-commerce. Since the content of such a page is about how your conduct business and under what terms your website design firm really is in no position to help offer advice on the contents of such a page.
  2. Privacy Policy
    Even before GDPR having a privacy page was important but since this legislation in 2018 it is now a must and essential. However a privacy policy can cover just how the website manages the privacy of visitors or the policy can and in most cases should cover how your entire company manages data privacy. Since the content of this page is a legal statement, iSeek are not able to offer legal expert advice on the subject of data privacy. We can offer referrals to firms who can offer such advice but these services can be expensive. A common practice is to look at your competitor sites and copy some of their privacy statements but without legal advice this can be very risky.
  3. Cookies Policy
    We have been getting a lot of enquiries about this recently so have created an article for it here
    https://iseek.ie/guidance-on-cookies-and-similar-technologies/

Guidance on Cookies and Similar Technologies

iSeek are seeing an increase in the number of customers asking about compliance with data laws and, in particular, with data privacy and cookie notices.

First to clearly state: iSeek / Seek Internet Solutions Ltd are not legal experts nor data privacy experts and we have compiled the information below from reading industry news and using our experience as web developers. We make no guarantee that this information will ensure your compliance with any regulations.

Clients often ask us to add a generic cookie notice, similar to what they see on most other sites, thinking this will make their site compliant with the regulations.

However, the vast majority of sites currently do not comply with the data regulations. So, to copy what they are doing will not make your site compliant.

Here is a summary of some of the most common cookie options for website owners:

  1. Generic Cookie Notice such as  https://wordpress.org/plugins/cookie-notice/ This means the client needs to write a cookie policy page. They tend to write a very generic overview page similar to a lot of sites. This plugin will display a notice to new users and have an “accept all” button for them to accept the cookies – This sort of solution will NOT make your site compliant.
  2. Partial Compliance such as https://wordpress.org/plugins/complianz-gdpr/ This plugin presents a questionnaire to the site owner on a number of common cookies sites use and it creates and displays a cookie policy based on their answers. In our experience, in most cases clients give incorrect answers, or there are other services on the site the questionnaire does not cover, and so these are missed in the policy that is created.
  3. Cookiebot – https://www.cookiebot.com/en/pricing/ We have used this service on many sites. It needs careful setup to make it GDPR compliant, or at least very close to it. You can see a report from the Irish DPC where it states that many firms wrongly thought the default, out-of-the-box setup of cookie-bot made them compliant. The plugin will scan your site and create the cookie policy and update this monthly and it will create the cookie notice, which is much more closely compliant with GDPR so far. However, a recent review by the Data Commissioner found it still recorded cookies when not asked to, so there is a big question mark over the plugin as a solution. The plugin is free for sites with less than 100 pages; for larger sites, you need to pay for it.
  4. Baycloud – https://baycloud.com We are currently testing one solution from Baycloud that looks good. It will cost around €20 per month. The plugin will scan the site for cookies and write a cookie policy and manage the cookie notification. It also does its own version of Analytics on the site. It also display a more customer friendly message on any function it blocks due to cookie policy. The service is very new and the provider is offering a short free trial.

There are thousands of other providers and all promise compliance so it is really difficult for the average website owner to know which to go with.

Why are so many site owners delaying or avoiding complying with the new regulations

  • Most micro and small business owners have little knowledge on data privacy regulations and how that relates to their website
  • The more compliant cookie notices are bigger as they need to display more content. To customise the colour and logos on them often means you have to pay and if you don’t do this, it does not provide a good user experience for your visitors
  • The 3rd party services that can be setup to be compliant, split cookies into categories. Marketing cookies like those used by Google Analytics cannot be pre-selected and most people just hit the first accept button they see. This means Google Analytics will stop recording stats effectively.
  • Additionally you may have to change how 3rd services are configured, e.g., to be compliant you need to modify what Google Analytics records, such as having to anonymise ip addresses. Which again reduces the usefulness of the data you can then get in your stats.
  •  The data privacy area is a minefield and very hard to be sure about. Moreover, there are further changes coming in the next year or two and there are a lot of legal cases still ongoing to determine what is allowed and not. Many businesses are taking a wait-and-see approach and until they see businesses similar to them getting fined will not take action.
  • Getting a legal professional to advise you on this area can be expensive and will still require a lot of input from a business owner. Such a professional could potentially discover other data privacy issues which require changes, such as the accountancy software your firm uses to store customers data.

If you would like our help please send an email to support@iseek.ie


Appendix – Summary of Irish Data Protection Reports and Findings

The Irish DPC – https://dataprotection.ie recently published guidance on cookies and similar technologies.

They sent a questionnaire to 40 organisations between August and December 2019

Read the full report here – https://dataprotection.ie/en/guidance-landing/cookies

The below was sourced from https://www.huntonprivacyblog.com/2020/04/08/irish-dpc-publishes-new-cookie-guidance/

DPC Findings

Key findings of the sweep include:

  • Non-necessary cookies set on landing: On almost all the websites examined, cookies were set immediately on the landing page. This included, in many cases, non-necessary cookies.
  • Pre-checked consent boxes: 26% of the responding organisations presented pre-checked boxes to signal consent to cookies, including to marketing and analytics cookies.
  • Implied consent: Two-thirds of the organisations specifically stated that they were relying on (1) a model of “implied consent” to set cookies, based on the wording of their cookie banners (e.g., “by continuing to browse this site you consent to the use of cookies”), and/or (2) the user controlling cookies via their browser settings.
  • Misclassification of cookies as “necessary”: Many organisations miscategorised the cookies deployed on their websites as “necessary” or “strictly necessary.”
  • Badly designed cookie banners and consent-management platforms (“CMPs”): Badly designed cookie banners and CMPs were also a feature on some websites (e.g., cookie banners offering no choice other than an “accept” button without any link to additional information about cookies, and with the cookies policy or privacy policy in the page footer obscured by the banner; and CMPs using sliders with a binary colour choice only, i.e., sliders which are not marked clearly to denote the “on” and “off” positions).
  • Bundling of consent for all purposes: For most organisations, consent was “bundled,” i.e., users were unable to provide consent to particular purposes for which cookies were being used.
  • No visible functionality to change cookie settings: Most websites did not offer tools for users to vary or withdraw cookie choices at a later stage, despite the deployment of third-party vendors’ CMPs by some organisations.

About 15 of the 38 organisations who responded signalled either that they were aware they may not be compliant with the existing rules, or that they had identified improvements that they could make to their websites in order to demonstrate compliance. However, “it was clear from some responses,” the DPC stated, “that even the changes proposed by controllers may not serve to bring them into full compliance.”


New Cookie Guidance

Key takeaways from the DPC’s new cookie guidance include:

  • Organisations must ensure that no non-necessary cookies and similar technologies (including local storage objects or “flash” cookies, software development kits (“SDKs”), pixel trackers (or pixel gifs), “like” buttons and social sharing tools, and device fingerprinting technologies) are set on the landing page of their site or app;
  • Obtaining users’ consent by implementing a cookie banner or pop-up is acceptable, provided that:
    • the cookie banner or pop-up outlines that the organisation is requesting consent for the use of cookies and similar technologies for specific purposes, and allows the user to reject non-necessary cookies and similar technologies, or to request more information about the use of cookies and similar technologies. Wording such as “by continuing to use the site, you consent to the use of cookies” is no longer permissible;
    • the cookie banner or pop-up is not designed in a way that “nudges” a user into accepting cookies over rejecting them. In practice, if there is an “accept” button on the banner, the banner must give equal prominence to a “reject” button, or to an option which brings users to a second layer of information and allows them to manage their cookie settings; and
    • this second layer of information must provide more detailed information about the types and purposes of cookies or other technologies being set, and the third parties who will process information collected when those cookies and similar technologies are deployed. It also must provide users with options to accept or reject such cookies/similar technologies by cookie type and purpose, e.g., via check-boxes that must not be pre-checked, or sliders that must not be set to “on” by default. Check-boxes or sliders should be clearly marked as “on” or “off”, even if they also have a binary colour choice so that users do not have to guess at their functionality.
  • Users must also be able to change their cookie preferences at any time, e.g., via a cookie button (or a “radio button”) available on each web page, which reveals sliders or on/off options.
  • If a cookie is used to store a record that a user has given consent to the use of cookies, this cookie should have a lifespan of 6 months. Like the CNIL in France, the DPC considers obtaining users’ renewed consent after 6 months appropriate.
  • Any record of consent must be backed up by demonstrable organisational and technical measures that ensure a user’s expression of consent (or withdrawal) can be effectively acted on.
  • Analytics cookies, targeting cookies and marketing cookies require users’ prior consent. However, first-party analytics cookies are considered potentially low risk and therefore are unlikely to be a priority for any formal enforcement action by the DPC.
  • Organisations must also must examine the role of the third parties using cookies and similar technologies on their website or app as (joint) data controllers or data processors. In particular, they must examine the possible joint data controller issues arising from the use of third-party assets and plugins. Where necessary, they must put in place the appropriate data processing agreement with these third parties, which must reflect the actual facts of the processing.

The DPC made it clear that they expect organisations (acting as data controllers) to comply with the current cookie law rules. Organisations have a six-month window to get in compliance with the DPC’s new cookie guidance; after that period, the DPC may take action to enforce the guidance

How To Write A Great Website Brief

If you want a new website – you will want to know how much it will cost. Before any estimates are given, most design agencies will ask for a project brief of time kind. The website brief is absolutely essential before beginning any project as it sets out the stepping stones for the entire creative process.

There is not an industry standard project brief as every agency may work differently, for example some may focus more on how the business and their values will be portrayed, other agencies may want explicit detail on exactly what does what on the proposed website.

While it can be difficult to judge how much detail should be provided in a project brief, we have put together 13 steps to help you put together a great project brief that will help you and your agency save time in the long run.

Here are the 13 points any great website brief should include:

1. About Your Business

Company information is often left out of website briefs despite it being a crucial part of any website brief. Certain details about your Company can have a huge impact on the way the end product (the Website) turns out. It is essential that you describe your brand and your company ethos, how do you want to be portrayed to your customers?

Furthermore, plans for future growth should be included.

2. Target Audience & Users

Your target audience and your users are the people who you are trying to sell your products or services to. When writing your Project brief, describe what your ideal client looks like. This will ensure that your new website is optimised for your target users.

This section can be expanded upon further to include market research from existing customers such as what are your typical customers looking for, what do they want to see?

3. Goals of the New Site

What are you aiming to achieve with your new website? Below are some of the typical answers:

  • Increase brand awareness.
  • Improve online presence.
  • Increase online exposure through natural and paid listings.
  • Increase sales.
  • Generate leads and enquiries.
  • Improved source of information through e-learning or blogs.
  • Bespoke requirements for clients i.e. bespoke platforms or services.

If you have an existing website, include a section about what you like and don’t like, what you think works etc.

4. Competitors or Sites You Like

When writing your project brief, don’t forget to include a list of your competitors and also other websites that you like. This will give the design agency you are working with a good idea of what you are looking for.

5. Look & Feel

After looking at your competitors, if at all possible try and describe the ‘look & feel’ you would like to go for, we understand that not everyone can visualise exactly what they are looking for, but even the simplest suggestions can go a long way.

6. Technical Features & Requirements

This section is very important and must be included in the project brief, especially for larger projects. In order to avoid unexpected additional costs it is important to lay out all your feature and functionality requirements in this section in as much detail as possible.

  • Does the site need to feature user logins? i.e An eCommerce website where a User can login to view their basket.
  • Will products be sold on the site? If so, describe the product categories and variations, what payment methods (we recommend Stripe) you plan on using, discount codes, delivery costs etc.
  • API Integration – Will your site feature any third party integration, i.e. a Financial advisory website that integrates a insurance comparison search bar from another company.
  • Government / Established institutions may have certain guidelines for development – these need to be given up front.

Also list the general features that you’d like to have on the website such as:

  • News / Blog
  • Social Media Feeds
  • Discussion Forum
  • Interactive Map
  • Events Section
  • Online Bookings
  • Portfolio Section
  • Team Page

7. In-house requirements

Don’t forget to include details on how the site will be managed on a day-to-day basis once it is live. How regularly will it be updated with new content, will any kind of analytics such as Google Analytics be required?

8. Content

Content is another essential component of the website design & development process. Will you be providing the content for the website or would you like the design agency to find a copy writer to write the content for you?

Content delivery is often the number one cause for delay in the website development process as sites can often sit there waiting to launch delayed purely by lack of content. This can be avoided by planning ahead.

The same goes for Photography, will you be providing photography or do you need photos to be sourced from stock libraries.

Lastly do not forget to provide your Logo files, files ending in .ai, .eps or .svg are the ideal file types but high resolution .png may also be acceptable.

9. Hosting, support & maintenance

Of course your website needs to be hosted somewhere once it’s completed. It is important to clarify if you already have existing hosting, or you are happy to move your hosting to the agency building the site. The same goes for site maintenance, do you have a current plan or are you looking for a plan for your new site?

Website hosting should be supplemented by regular maintenance, security checkups and weekly backups to ensure that any unexpected issues can be resolved immediately.

10. Online marketing & SEO

You have your brand new website online, but you aren’t getting any traffic, why is this? Digitial marketing is vital to the success of your new website, if you already have marketing plans in place please ensure to include them in the brief.

A new website can often be a big investment for your company, so there is nothing worse than not driving traffic to your website through methods such as SEO (Search engine optimisation), pay-per-click, social media & email marketing.

11. Deadline

Of course with every project comes a deadline, if you need your new website by a certain date, it is essential that this is stated from the beginning so this can be accounted for in the project timeline and the budget.

12. Measuring your success

Not something that needs to feature in a project brief, but certainly something to keep in mind. How will you measure the success of your new site, do you have records of the traffic / number of enquires your current website is bringing in and will you be able to compare those with the results from your new site.

13. Budget

With every project comes the budget, what is the amount you have budgeted for your new website? Is all the features and functionality you have requested within your budget range? That will be determined from the project brief.

Many people don’t understand digital agency costs, if your budget is only a few hundred euros then it may be better to look into DIY website builders such as WIX. Remember that you’re not only paying for a product (the website) but also a service that includes consultation, research, user experience planning and strategy.

Specifying your budget in your brief is essential so that the agency can determine what is possible within the budget and what is not. If all your requested features and functionality are out of your budget range this gives you the option to determine whether you’d like to allocate more budget to allow for a desired functionality or if you’d rather keep within the budget and leave certain features out.

Looking for a new website? Get in touch with us!

Could your website do with a €2,500 grant to improve your online sales?

Is your website looking old and tired, doesn’t work properly on mobile phones and is generating little or no revenue for your business?

If so, why not avail of a Local Enterprise Office (LEO) – Trading Online Voucher (TOV) to give your online business a kick-start for 2019.
If you want a new website or to redevelop an existing site you could be eligible for a grant of up to €2,500 (50% of the development costs) to overhaul your website and get it working for you.

But hurry – most Local Enterprise Offices have a closing date for voucher applications in mid to late January.

A Trading Online Voucher (TOV) offers small businesses and retailers the opportunity to apply for match funding to the value of €2,500 to develop and improve their online trading presence. The funding can be used for any of the following:

  • The development or upgrade of an e-commerce website such as implementing online payments or booking systems
  • Purchase of Internet related software
  • Online advertising
  • Development of an app
  • Implementation of a digital marketing strategy
  • Consultation with ICT experts for early stage adopters of online strategy
  • Training/skills development specifically to establish and manage an online trading activity
  • Photography

If you would like to take advantage of this grant to improve your online sales, call iSeek on  021 2429494 or email us at sales@iseek.ie   and we can help to get your application in before January 25th.

EmailFix

Please read the below carefully.

We have noticed that a number of customers are experiencing the following problems post migration:

  • Issues Sending Emails
  • Issues Receiving Emails
  • Receiving Duplicate Emails – this could not be avoided and we apologise for any inconvenience caused

We are working hard to resolve these issues and appreciate your patience at this very busy time.

Fix for most sending email problems

This solution has worked for a number of customers:
Please follow the instructions in the following link –

Ignore the instruction to change the Outgoing email port to 587; leave it at 25.

http://www.networksolutions.com/support/how-do-i-enable-smtp-authentication/

You should also change your outgoing mail server to

web1.iseek.host

Fix for receiving email

We recommend customers not able to receive email to change their incoming mail server to

web1.iseek.host

We are working as fast and hard as we can on all remaining issues
We appreciate your patience

iPhone – how to enable email Authentication

Please watch this video to see how to enable authentication for sending  -this fixes the sending problem for most users on iphones

This shows you where to enter the username and password for authentication. However the other settings in this video will not work.

So the other settings are

hostname – web1.iseek.host

Use SSL  – on

Authenticaion – password

Port  – 25

If you need your username and password please send an email to support@iseek.ie

 

 

Outlook 2013  – how to enable email Authentication

So the other settings are

hostname – web1.iseek.host

Use SSL  – on

Authenticaion – password

Port  – 25

If you need your username and password please send an email to support@iseek.ie

 

Mac Mail

So the other settings are

hostname – web1.iseek.host

Use SSL  – on

Authenticaion – password

Port  – 25

If you need your username and password please send an email to support@iseek.ie

 

What makes a good Logo??

Your Logo Should Identify Your Business

Your logo should convey something essential about your business’ identity. The design should reflect your business’ personality, its attitude, its sense of style, professionalism or fun, or whatever it is your business is about. A well thought out logo will promote those qualities you want people to associate with your business.

Read More

Top 10 Reasons to Update Your Website

A great website is a vital part of any online marketing strategy.  After all your website is your modern day storefront/brochure/golden pages listing, etc and in many cases the website is the first impression potential customers will have of your business.

Whether you are providing a product or service, are a small business, start-up, or growing company, working in a small niche market or selling to a wide variety of target customers, your website should be functioning as the crown jewel in your marketing and sales strategy to attract potential clients and win their business.

Read More

Why write a website brief

We are asked to quote for a new website at least 5-10 times per week.

Our first reply when asked for a quote is always “Do you have a brief for the project”

Why would we answer a question with a question. Is it not bad form for us to push back on the client straight away to deliver more information?

Read More

WooCommerce iPhone app

WooCommerce is the shopping cart system we use the most today.

It is powerful, modular and built into WordPress but now it also has an iPhone app to make it even better.

Read More

New Domain Extensions

With the launch of new extensions, you can register a domain name that’s tailored to your industry, expertise or interest. It can describe what you do (and where!) much more precisely and set you apart from the competition. Some businesses (new and existing) were not able to get the domain name they wanted so had to register a domain name like – companynameandservice.com or .ie

Read More