Case Study SINALplus: How to update a website to GDPR

The entry into play of the General Data Protection Regulation (GDPR) has forced many companies to adapt their websites and the way they conduct their daily operations. In this context, Grow Under was challenged to update the SINALplus® website. Discover this case study that had GDPR compliance as one of the essential goals.

As a provider of web development services, Grow Under includes a diverse client portfolio spanning multiple industries. Thus, we have already been associated with different projects, with very different demands and requirements.

SINALplus® Portugal is the example portrayed in this case study that addresses the update of a website to the latest version of Joomla, with the guarantee of compliance with the GDPR.

SINALplus® Portugal

SINALplus® Portugal is a brand of the company LABORE, LDA, which was founded in 1986. It has the ANEPC – National Authority for Emergency and Civil Protection Certification within the scope of its activities in the field of road signs and safety.

The brand presents itself as creating "solutions tailored to the needs and goals of each customer", providing light signage, covid signage, safety signs and road signs. In addition, it sells signage for electrical networks, as well as other accessories.

This signage is available in materials as diverse as sheet steel or aluminum, including heat lacquering and reflectorization, or even photoluminescent PVC, opaque expanded PVC, rigid PVC, self-adhesive vinyl, magnetic, honeycomb and acrylics.

The challenge

The SINALplus® Portugal website was installed on an old version of Joomla, 1.5. Therefore, it was necessary to update this CMS, or Content Management System, so that the site would be more up to date, and more robust.

In addition, it was intended to improve the website's interactivity, in order to open up an opportunity for closer contact with customers.

On the other hand, it was urgent to adapt the site to the new requirements of the GDPR, ensuring compliance with the new law adopted in the European Union in terms of data protection.

Thus, it was necessary to reconcile the different interests at stake, presenting an ideal solution for the expectations and needs of SINALplus® Portugal, meeting the business objectives and, at the same time, ensuring compliance with the GDPR.

At stake was not only the reputation of the brand and its image with stakeholders, but also the quality of its services.

The Implementation

The Grow Under team went out into the field with a plan that aimed to meet the needs identified by the client. The main mission was, therefore, to keep the business operational, ensuring, at the same time, the control and continuous monitoring of the protection of personal data and privacy.

Thus, the work was developed in different phases that we will reveal right away…

1st Phase - Technical survey

Firstly, it was necessary to assess the customer's needs and the possibilities of implementing the intended functionalities.

In this way, the necessary data treatment and management actions were studied, as well as the information flows and all the fundamental support systems for these processes.

This study also involved analyzing the company's business processes. But it was also essential to identify the risks associated with data privacy, to define ways to mitigate them.

2nd Phase - Update to the latest version of Joomla 

Right from the start, the first need identified was to update to the latest version of Joomla.

Thus, the new SINALplus® Portugal website was rebuilt in Joomla 4.1, the most recent version released by the CMS and which offers the best and latest features developed on this open source (ie free) platform.

This new version of Joomla is safer and more flexible, being easy to customize, which allows more freedom to the client after delivery of the updated website. In addition, it includes a wide variety of extensions to add functionalities.

But one of the main novelties is an accessibility tool that allows you to perform a kind of quality control on Joomla, highlighting the site's usability problems. This is a precious asset if we consider that every visitor who doesn't find what they're looking for in a quick and easy way, is a lost customer.

3rd Phase - New Web Design

The website update also underwent a visual overhaul, with a new, more modern and user-friendly Web Design.

We decided to recreate the site as an online store, although, SINALplus® Portugal never had the objective of selling products directly online. Thus, it is, in fact, a signage reservation store that allows the brand's customers to ask for a quote, to know prices. In this way, they can reserve the products they want.

The website presents itself as an easy to consult catalogue, with clear and concrete information about everything that SINALplus® Portugal has to offer to its customers.

• Read more: "Case Study Huasi: the importance of online visual identity"

4th Phase - Creating an user registration

Grow Under developed the entire structure for creating a user registration, with login and password. This process is essential for the website to function as a "booking store" for products, also allowing a more agile contact with customers.

On the other hand, it also speeds up the fulfillment of some of the rights that the RGPD guarantees to the subjects of personal data, such as the right to access, the right to be forgotten, the right to portability and the right to rectification.

5th Phase - Implementation of the GDPR

The collection of prior information, with the consultation of legal experts in the field of the GDPR, was decisive for this phase of the project. It allowed us to define an action model to ensure the implementation of the GDPR law, in particular with regard to privacy and protection of personal data.

Thus, we have developed the entire Privacy Policy and the Cookies Policy, with the writing of the respective contentes. But we also guarantee the implementation of the necessary mechanisms for compliance with the GDPR, namely regarding the issue of the user being able to request to export and eliminate his personal data.

The issue of information security was also taken care of by Grow Under, as in all the projects it embraces, with the application of the best cybersecurity practices.

The Results

The new SINALplus® Portugal website is now more robust, safer and more up-to-date in terms of design and configuration after the intervention of Grow Under.

In addition, it complies with the GDPR, which is essential for companies these days, given the high fines that are being applied to those who do not comply with the new EU law.

Integrating the GDPR into day-to-day operations can be a challenge for some companies. But the team at Grow Under managed to overcome the obstacles, implementing the necessary configurations without removing usability from the site.

In the end, SINALplus® Portugal manages to strengthen its relationship with the customer, as well as attract new potential customers, thanks to a more friendly and appealing website - and with the guarantee that they can contact the company in complete safety, with their personal data safeguarded.