gdpr legislation obligations & best practice
Websites and apps must always comply with certain obligations imposed by law. Failure to comply with the rules carries the risk of substantial penalties.
This is why we have chosen to rely on Iubenda, a company made up of legal and technical figures, specialized in this sector. Together with Iubenda, of which we are Certified Partners, we have developed a proposal to offer all our customers a simple and safe legal compliance solution.
The main legal requirements for website and app owners
- the types of personal data processed;
- the legal bases of the processing;
- the purposes and methods of the processing;
- the subjects to whom the personal data may be communicated;
- any transfer of data outside the European Union;
- the rights of the interested party;
- the identification details of the owner.
Can we use a generic document?
It is not possible to use generic documents as the information must describe in detail the data processing carried out by your site / app, listing all the third-party technologies used (eg Facebook Like buttons or Google Maps maps).
What if my site does not process any data?
It is very difficult for your site not to process any data. In fact, a simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to prepare and show an information notice.
What is a cookie?
If the user has the possibility to directly enter personal data on the site / app, for example by filling out a contact form, registering for the service or subscribing to the newsletter, it is necessary collect free, specific and informed consent, as well as register a unambiguous proof of consent.
What is meant by free, specific and informed consent?
It is necessary to collect a consent for each specific processing purpose - for example, a consent to send newsletters and another consent to send promotional material on behalf of third parties. Consents can be requested by preparing one or more non-pre-selected, non-mandatory checkboxes accompanied by informative texts that make it clear to the user how his data will be used.
How can consent be demonstrated unambiguously?
Is the email I receive from the user after completing the form not sufficient proof of consent?
Unfortunately it is not enough, as some information necessary to reconstruct the suitability of the consent collection procedure, such as a copy of the form actually filled in by the user, is missing.
How can we help you with Iubenda's solutions
Thanks to our partnership with Iubenda, we can help you configure everything you need to bring your site / app up to standard. Iubenda is indeed the simplest, most complete and professional solution for comply with regulations.
The Iubenda Cookie Solution is a complete system to manage the display of a cookie banner at the first visit of each user, to preventively block the profiling cookies and to collect the user's consent to the installation of cookies.
The Iubenda Consent Solution allows the collection and storage of unequivocal proof of consent whenever a user fills out a form - such as a contact or newsletter subscription form - on your website or app.