Your Funeral Director Website GDPR Compliance

By gerryking

We all have access to the ICO website and the mountain of advice, courses, webinars etc that are available on the topic however despite our best efforts it can be difficult to fully understand what it all means or requires.  Until proven legal cases develop and are brought to conclusion it’s difficult to see how anyone can definitively state exactly what is required for GDPR compliance.

The purpose of this article is explicitly NOT to provide legal advice but to provide some specific information with useful links to further resources.

Privacy Policy – Disclosure

We should do our best to ensure we are compliant given the knowledge we have by providing a Privacy Policy – Disclosure section on our website about data collection and by limiting the data we collect (data is usually collected in the case of a WordPress website via plugins such as Woocommerce or Gravity forms etc). At the time of writing WordPress are working on functionality that will enable a website owner to deliver to any website user on request a summary of their data that you have collected (if any).

A website has the potential to collect the specific category PII (Personally Identifiable Information) but that is not to say that every website does so. This website does not do that and it is quite likely that yours does not either.

This category of data is personal data which the GDPR says is more sensitive, and so needs more protection. PII can be deemed as more detailed and sensitive data as shown here:

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/

https://en.wikipedia.org/wiki/Personally_identifiable_information

If you do collect explicit data it will be required that you can deliver as mentioned earlier, to any website user on request, a summary of their data that you have collected. It will therefore make sense to not collect ‘personally identifiable information’ from your users.

As explained at the beginning of this article the purpose has NOT been to provide legal advice. The text is purposely brief and comprises of several useful links to specific relevant information. Nonetheless there are individuals who have a better understanding of GDPR requirements therefore further research would be advisable.

This article is also timely; i.e. over time our understanding of the regulations will develop and be informed by events at which point we will review the context.

Legal Resources

https://seqlegal.com/free-legal-documents/privacy-policy

Further Reading

https://ico.org.uk/media/for-organisations/documents/1549/determining_what_is_personal_data_quick_reference_guide.pdf

Additional Services

Additional Services

Posted in Funeral Director Websites Blog and tagged