gdpr normative obligations & best practice

websites and apps must always comply with certain obligations imposed by law. Non-compliance with the rules entails the risk of substantial penalties.

for this reason we have chosen to rely on Iubenda, a company composed of legal and technical figures, specialized in this field. Together with Iubenda, of which we are Certified Partners, we have developed a proposal to offer all our customers a simple and secure solution for legal compliance.

The main legal requirements for owners of websites and apps

Privacy and Cookie Policy

The law obliges every site/app that collects data to inform users through a privacy and cookie policy.
The privacy policy must contain some basic elements including:

  • the types of personal data processed;
  • the legal bases of the treatment;
  • the purposes and methods of processing;
  • the subjects to whom the personal data may be communicated;
  • the possible transfer of data outside the European Union;
  • the rights of the data subject;
  • the identification details of the owner.

The cookie policy describes in particular the different types of cookies installed through the site, any third parties to whom the cookies refer - including a link to their respective documents and opt-out forms - and the purposes of processing.

Can we use a generic document?
It is not possible to use generic documents because the information must describe in detail the data processing carried out by your site/app, listing all the third party technologies used (e.g. Facebook Like buttons or Google Maps maps).

If my site does not process any data?
It's very difficult for your site not to process any data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to prepare and display information.

iubenda Certified Silver Partner

Cookie Law

In addition to setting a cookie policy, in order to adapt a website to the cookie law, it is also necessary to show a banner cookie on each user's first visit and to obtain consent to the installation of cookies. Some types of cookies, such as those released by tools such as social sharing buttons, should only be released after you have given your consent.

What is a cookie?
Cookies are used to store certain information on your browser while you are browsing the site. Cookies are now essential to the proper functioning of a site. In addition, many third-party technologies that we integrate into our sites, as well as a simple YouTube video widget, also use cookies.


If the user has the possibility to directly enter personal data on the site/app, for example by filling out a contact form, service registration or newsletter subscription, it is necessary to collect a free, specific and informed consent, as well as record an unequivocal proof of consent.

What is free, specific and informed consent?
You must obtain consent for each specific processing purpose - for example, consent to send newsletters and other consent to send promotional material on behalf of third parties. Consent can be requested by setting up one or more checkboxes that are not pre-selected, not mandatory and accompanied by informative texts that make it clear to the user how his data will be used.

How can consent be demonstrated unequivocally?
You must collect a variety of information each time a user fills out a form on their site/app. This information includes a unique user identification code, the content of the privacy policy accepted and a copy of the form submitted to you.

Is the email I receive from the user after filling in the form not sufficient proof of consent?
Unfortunately, this is not enough, as there is a lack of information necessary to reconstruct the suitability of the procedure for collecting consent, such as a copy of the form actually completed by the user.

How we can help you with the solutions of Iubenda

Thanks to our partnership with Iubenda, we can help you configure everything you need to bring your site/app up to standard. Iubenda is in fact the simplest, most complete and professional solution to comply with regulations.

Privacy Generator and Cookie Policy

With Iubenda's Privacy Generator and Cookie Policy we can provide you with a personalized policy for your website or app. Iubenda's policies are generated from a database of clauses drawn up and continuously reviewed by an international team of lawyers.

Cookie Solution

The Iubenda Cookie Solution is a complete system to manage the display of a banner cookie at the first visit of each user, to block the profiling cookies in advance and to collect the user's consent to the installation of cookies.

Consent Solution

Iubenda's Consent Solution allows the collection and storage of unequivocal proof of consent whenever a user fills out a form - such as a contact form or newsletter subscription - on your website or app.