gdpr normative obligations & best practice
websites and apps must always comply with certain obligations imposed by law. Non-compliance with the rules entails the risk of substantial penalties.
for this reason we have chosen to rely on Iubenda, a company composed of legal and technical figures, specialized in this field. Together with Iubenda, of which we are Certified Partners, we have developed a proposal to offer all our customers a simple and secure solution for legal compliance.
The main legal requirements for owners of websites and apps
- the types of personal data processed;
- the legal bases of the treatment;
- the purposes and methods of processing;
- the subjects to whom the personal data may be communicated;
- the possible transfer of data outside the European Union;
- the rights of the data subject;
- the identification details of the owner.
Can we use a generic document?
It is not possible to use generic documents because the information must describe in detail the data processing carried out by your site/app, listing all the third party technologies used (e.g. Facebook Like buttons or Google Maps maps).
If my site does not process any data?
It's very difficult for your site not to process any data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to prepare and display information.
What is a cookie?
If the user has the possibility to directly enter personal data on the site/app, for example by filling out a contact form, service registration or newsletter subscription, it is necessary to collect a free, specific and informed consent, as well as record an unequivocal proof of consent.
What is free, specific and informed consent?
You must obtain consent for each specific processing purpose - for example, consent to send newsletters and other consent to send promotional material on behalf of third parties. Consent can be requested by setting up one or more checkboxes that are not pre-selected, not mandatory and accompanied by informative texts that make it clear to the user how his data will be used.
How can consent be demonstrated unequivocally?
Is the email I receive from the user after filling in the form not sufficient proof of consent?
Unfortunately, this is not enough, as there is a lack of information necessary to reconstruct the suitability of the procedure for collecting consent, such as a copy of the form actually completed by the user.
How we can help you with the solutions of Iubenda
Thanks to our partnership with Iubenda, we can help you configure everything you need to bring your site/app up to standard. Iubenda is in fact the simplest, most complete and professional solution to comply with regulations.
The Iubenda Cookie Solution is a complete system to manage the display of a banner cookie at the first visit of each user, to block the profiling cookies in advance and to collect the user's consent to the installation of cookies.
Iubenda's Consent Solution allows the collection and storage of unequivocal proof of consent whenever a user fills out a form - such as a contact form or newsletter subscription - on your website or app.