There are many factors to consider when it comes to choosing the best 3D design company to work with and for many, data management policies won’t be one of them. And, that’s understandable. It’s not exactly exciting to talk about and doesn’t relate to the actual quality of work being produced either. However, this is definitely a factor that should at the very least be on the radar and form part of the decision making process.
You can tell a lot about a business just by looking at how they’ve responded to something as serious as GDPR, especially since it’s now been more than 2 years since it came into effect. By this point, every business should be aware of this and at the very least, should have made some effort to implement the required changes to the best of their ability. After all, it’s the law. Small businesses that might be run by just a single person could potentially be excused for having a less than perfect implementation of GDPR procedures to some extent, but they aren’t the worst offenders. In many cases, it appears to be the large 3D design businesses with the biggest clients that are. Businesses that have lots of staff, plenty of financial resources and should know better.
Therefore, I think it’s reasonable to say that it reflects badly on the overall culture of any 3D design business that might have made a conscious effort to ignore GDPR completely. And here’s the bigger issue. If a business doesn’t take the privacy of both your company and staff seriously, what does that say about them? Blocking cookies is only one part of GDPR, so might this highlight bigger internal issues that aren’t as apparent? Do you really want to support any business that believes they are above the law and doesn’t care about your data?
Here’s a brief and non-exhaustive checklist to help you identify if a business is GDPR compliant when visiting their website.
- Are YouTube videos embedded and loaded?
- Are Vimeo videos being embedded and loaded? Please see supplementary information at the bottom of this article.
- Is there a live chat service?
- Is content from Facebook, Instagram or Twitter embedded and loaded by default?
- Is the website using Google Analytics – You can usually tell by looking in the bottom left corner of the browser window as you move from page to page.
If the answer to any of the above questions is YES, did you receive any form of notification to inform you that marketing / tracking cookies might be in use on the website? Were you given the option to decline and / or manage your cookie preferences before this content was loaded?
If the answer to that question is NO, then it’s very likely that the 3D design business in question is not GDPR compliant and doesn’t take your privacy seriously. This is because the content listed above will frequently make use of marketing cookies / Google Analytics which requires express consent from the user before it is allowed to function. Marketing cookies can be used to track your IP address and browsing habits across multiple different websites, which makes them quite serious. You can read more about them here: https://www.cookiebot.com/en/tracking-cookies.
In summary, choosing a GDPR compliant 3D design company is important for many different reason. It not only demonstrates that the business is proactive and compliant. It also proves they care about how they handle your data and do things the right way too. Thunderstorm FX® is one of those companies and we would like the opportunity to work with you.
AUTOMATIC COOKIE ACCEPTANCE NOTICES ON WEBSITES USING MARKETING COOKIES
If you are preventing third-party cookies from being set in your browser or use a pop up blocker tool, then it might not be possible to see some cookie management dialogue boxes. You will need to enable the use of third-party cookies and refresh the page and / or clear your cache to resolve this.
A popular misconception is that embedding YouTube videos via the cookieless domain method prevents cookies from being used and avoids the need to obtain user consent. This is incorrect.
This method only prevents cookies from being set until the video is played. This means that you still need to obtain consent from the user before the video can be played if you want to be compliant.
Unlike YouTube, Vimeo “have” made it possible to prevent Google Analytics code from functioning in their videos. However, this is not the default behaviour and the solution involves adding an additional variable to the end of the URL in the embed code. This is the method we have used here on our website and how we are able to load our Vimeo videos by default.