CINXE.COM
What is the GDPR? The Ultimate Guide to GDPR Compliance - iubenda help
<!DOCTYPE html> <html lang="en" class="no-js"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta class="swiftype" name="tags" data-type="string" content="en"> <meta charset="utf-8"> <title>What is the GDPR? The Ultimate Guide to GDPR Compliance - iubenda help</title> <meta name="title" content="What is the GDPR? The Ultimate Guide to GDPR Compliance - iubenda help"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta http-equiv="Content-Language" content="en"> <meta name="locale" content="en"> <meta name="description" content="In this guide, we explain the main aspects of the General Data Protection Regulation including GDPR compliance, user rights, and more."> <meta name="robots" content="index"> <meta name="image" content="https://www.iubenda.com/seo/assets/default.png"> <meta name="twitter:card" content="summary"> <meta name="twitter:title" content="What is the GDPR? The Ultimate Guide to GDPR Compliance"> <meta name="twitter:description" content="In this guide, we explain the main aspects of the General Data Protection Regulation including GDPR compliance, user rights, and more."> <meta name="twitter:site" content="@iubenda"> <meta name="twitter:image:src" content="https://www.iubenda.com/seo/assets/default.png"> <meta property="og:title" content="What is the GDPR? The Ultimate Guide to GDPR Compliance"> <meta property="og:description" content="In this guide, we explain the main aspects of the General Data Protection Regulation including GDPR compliance, user rights, and more."> <meta property="og:image" content="https://www.iubenda.com/seo/assets/default.png"> <meta property="og:url" content="https://www.iubenda.com/en/help/5428-gdpr-guide"> <meta property="og:site_name" content="iubenda"> <meta property="og:locale" content="en"> <meta property="og:type" content="website"> <meta property="fb:app_id" content="190131204371223"> <script type="application/ld+json">{"@context":"http://schema.org","@type":"Organization","url":"https://www.iubenda.com","name":"iubenda","logo":"https://www.iubenda.com/seo/assets/logo.png","sameAs":["https://www.facebook.com/iubenda","https://www.twitter.com/iubenda"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"133"}}</script> <link rel="canonical" href="https://www.iubenda.com/en/help/5428-gdpr-guide" /> <link rel="alternate" href="https://www.iubenda.com/it/help/5424-guida-gdpr" hreflang="it" /> <link rel="alternate" href="https://www.iubenda.com/en/help/5428-gdpr-guide" hreflang="en" /> <link rel="alternate" href="https://www.iubenda.com/de/help/24541-was-ist-die-dsgvo" hreflang="de" /> <link rel="alternate" href="https://www.iubenda.com/es/help/40350-que-es-el-rgpd-una-guia-completa-con-todo-lo-que-necesitas-saber-para-cumplir-la-ley" hreflang="es" /> <link rel="alternate" href="https://www.iubenda.com/fr/help/46189-quest-ce-que-le-rgpd-un-guide-complet-sur-tout-ce-que-vous-devez-savoir-pour-vous-mettre-en-conformite" hreflang="fr" /> <link rel="alternate" href="https://www.iubenda.com/pt-br/help/43925-o-que-e-o-gdpr-um-guia-completo-sobre-tudo-o-que-voce-saber-para-estar-em-conformidade" hreflang="pt-BR" /> <link rel="alternate" href="https://www.iubenda.com/nl/help/67151-wat-is-de-avg-alles-wat-je-moet-weten-om-je-aan-de-regels-te-houden" hreflang="nl" /> <link rel="alternate" href="https://www.iubenda.com/da/help/128232-hvad-er-gdpr-en-komplet-vejledning-om-alt-hvad-du-skal-vide-for-at-overholde" hreflang="da" /> <link rel="alternate" href="https://www.iubenda.com/pt/help/136435-o-que-e-o-rgpd-um-guia-completo-sobre-tudo-o-que-precisa-de-saber-para-cumprir-os-requisitos-legais" hreflang="pt" /> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="_BZx7lqTlqpYE1gxvz4-Ix3tOfIjYm7bfiAzOqfYa9OBv6cevNglkPRzzJp96iX6YW5sghUHx9QhTvC_Ve2sbw" /> <meta name="csp-nonce" content="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" /> <link nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" rel="preload" href="/assets/site-314e4e6152ff2dd794db7bab6963ff3ce11faa99762b3abac29741922f96eccb.js" as="script"> <link nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" rel="preload" href="/assets/core-a654d9de902b4fcd4416751ce258e4ffbe756bdae846b03aebd8dd5bfea61172.css" as="style"> <link nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" rel="preload" as="script" href="/assets/builds/growthbook-3b9344c70ddc480132f6.js"> <link nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" rel="preload" href="/assets/app-41e048d0cbf6e83bc7cc82a1f62755c1cbba8aadf4f1fc5044e61468f2a0a5a0.js" as="script"> <link nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" rel="preload" href="/assets/help-40b06ca19741b5cb30b3.js" as="script"> <link nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" rel="preload" href="https://cdn.iubenda.com/cons/beta/iubenda_cons.js" as="script"> <link rel="preload" as="font" href="/assets/hk-grotesk/HKGrotesk-Medium-9c3fd6d5af782a4511dc56bc490a29d341f5f775a1473d9498abc91e0fe793db.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/icons/iubenda-519eefd5e2627f078cb37ad800d0876b5986439f792cc1ae8df4a4cbc4c5e660.woff" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/hk-grotesk/HKGrotesk-Regular-f089423b22171f8b5954000d1136ad533e7c6942974875d514b75477680b2ac9.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/hk-grotesk/HKGrotesk-Bold-c10fcca174a9767aab6fa40c8c39ce42a696a48fd3091732280196a1042e3abb.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/hk-grotesk/HKGrotesk-Light-abd02846fe10b12c6394b41fd7ac3914ca8cbf09234e0001d696c724ae44102b.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/hk-grotesk/HKGrotesk-Italic-4a89ad60aaf82464ae047d83a45fc663f62823f102bcc8e9c8429dbc36ccd6f4.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/tisa/light-italic-318917ed1d2496362d0f10cf4cbc0f042223eb68d6c355159f93a6c67aa59fef.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/tisa/light-2d8a5a0678adfb941a86c53ab436176bbeba11994c0da2be4ef1f6902079c121.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/tisa/regular-italic-0e9999012ee0ca260e0ab1aaeeb21d60b6853ebf38fb09bf228be80cb2ef69a9.woff2" type="font/woff2" crossorigin> <link rel="preload" as="font" href="/assets/tisa/regular-833a2fba288bd5d9fcbdc7a268303eeeb6fe71f902ba7422c04ab9dcb19a7311.woff2" type="font/woff2" crossorigin> <link rel="stylesheet" href="/assets/core-a654d9de902b4fcd4416751ce258e4ffbe756bdae846b03aebd8dd5bfea61172.css" /> <link rel="preload" href="/assets/help-de56e2adf05bb2e958739ac773721cad924ffdebe199943fb4988e6a150d56e1.css" as="style"> <link rel="stylesheet" href="/assets/help-de56e2adf05bb2e958739ac773721cad924ffdebe199943fb4988e6a150d56e1.css" /> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ window.phraseappEnabled = null if (window.phraseappEnabled) { document.addEventListener('DOMContentLoaded', function() { $('body').on('click', '.pi_bc', function () { $('#iubenda-modal').removeAttr('tabindex'); }); }); } //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ window.CSP_NONCE = "4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"; //]]> </script> <script src="/assets/site-314e4e6152ff2dd794db7bab6963ff3ce11faa99762b3abac29741922f96eccb.js" nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"></script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ I18n.defaultLocale = "en"; I18n.locale = "en"; //]]> </script> <script src="/assets/app-41e048d0cbf6e83bc7cc82a1f62755c1cbba8aadf4f1fc5044e61468f2a0a5a0.js" nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"></script> <script src="/assets/builds/runtime-297cce3e714e6904dd20.js" async="async" nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"></script> <script src="/assets/help-40b06ca19741b5cb30b3.js" nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"></script> <link rel="P3Pv1" href="https://www.iubenda.com/w3c/p3p.xml"> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ var _iub = _iub || {}; _iub.cons = _iub.cons || {}; _iub.cons.api_base_url = 'https://consent.iubenda.com/beta/public/'; _iub.cons_instructions = _iub.cons_instructions || []; _iub.cons_instructions.push(['init', { api_key: 'TxVC3QW2DacksiUzfazNBocfStJA2s9O', log_level: 'error', sendFromLocalStorageAtLoad: true, }]); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" id="cons_script" src="https://cdn.iubenda.com/cons/beta/iubenda_cons.js" async="async"> //<![CDATA[ //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ document.getElementById('cons_script').onload = function() { _iub.cons.api_base_url = 'https://consent.iubenda.com/beta/public/' } //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ (function() { window._iub = window._iub || []; _iub.csConfiguration = { "cookiePolicyId": 252372, "siteId": 1, "lang": 'en', "logLevel": 'error', "enableRemoteConsent": false, "consentOnScroll": false, "enableUspr": true, "enableLgpd": true, "countryDetection": true, "perPurposeConsent": true, "whitelabel": false, "floatingPreferencesButtonDisplay": true, "consentOnContinuedBrowsing": false, "promptToAcceptOnBlockedElements": true, "banner": { "position": "float-top-center", "acceptButtonDisplay": true, "customizeButtonDisplay": true, "rejectButtonDisplay": true, "useCustomBrand": true, "brandTextColor": "#FFF", "brandBackgroundColor": "#1CC691", "acceptButtonColor": "#0073CE", "acceptButtonCaptionColor": "white", "customizeButtonColor": "#DADADA", "customizeButtonCaptionColor": "#4D4D4D", "rejectButtonColor": "#0073CE", "rejectButtonCaptionColor": "white", "textColor": "black", "backgroundColor": "white", "logo": "/assets/site/general/logo-whiteongreen-18a11ce988ecc91e9cd5433bcdc55e4023983ea75b8542ca108728f511881cf1.svg", "closeButtonRejects": true }, callback: { onActivationDone: function() { window.csActivationCompleted.resolve(); }, onPreferenceExpressedOrNotNeeded: function(prefs) { window.dispatchEvent(new Event('preference-expressed-or-not-needed')); const preferences = _iub.cs.api.getPreferences(); if (typeof preferences.id === 'undefined') { return; } // Handle quiz buttons for pricing pages const quizBtns = document.querySelectorAll(".appcues-quiz-btn"); if (preferences.purposes && preferences.purposes['4'] === true && preferences.purposes['5'] === true) { if( quizBtns.length > 0 ) { quizBtns.forEach( btn => { btn.classList.remove("disabled"); const alerts = document.querySelectorAll(".appcues-quiz-alert") alerts.forEach( alert => { alert.classList.add("d-none"); }); }); } } else { if( quizBtns.length > 0 ) { quizBtns.forEach( btn => { btn.classList.add("disabled"); const alerts = document.querySelectorAll(".appcues-quiz-alert") alerts.forEach( alert => { alert.classList.remove("d-none"); }); }); } } // Handle login button for Google Ads Login page const loginBtn = document.querySelector(".google-login-page .btn-google-oauth"); if (preferences.purposes && preferences.purposes['2'] === true) { if( loginBtn ) { loginBtn.classList.remove("disabled"); loginBtn.disabled = false; document.querySelector(".google-login-alert").classList.add("d-none"); } } else { if( loginBtn ) { loginBtn.classList.add("disabled"); loginBtn.disabled = true; document.querySelector(".google-login-alert").classList.remove("d-none"); } } // Handle chat button on dashboard sidebar const supportChatBtn = document.querySelector("#chat_support_box_button"); if( supportChatBtn ) { if (preferences.purposes && preferences.purposes['2'] === true && preferences.purposes['3'] === true && preferences.purposes['4'] === true && preferences.purposes['5'] === true) { document.querySelector("#support_box_accordion").classList.add("d-none"); supportChatBtn.classList.remove("d-none"); } } } }, "floatingPreferencesButtonZIndex": 1000, }; if (I18n.locale === 'da') { _iub.csConfiguration.banner.showPurposesToggles = true; } window.csActivationCompleted = jQuery.Deferred(); })(); //]]> </script> <script src="https://cs.iubenda.com/sync/252372.js" nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"></script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ gtag('set', 'url_passthrough', true); //]]> </script> <!-- <script src="//cdn.iubenda.com/cs/debugger.js"></script> --> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/javascript" src="//cdn.iubenda.com/cs/gpp/beta/stub.js"></script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/javascript" src= "//cdn.iubenda.com/cs/beta/iubenda_cs.js" charset="UTF-8" async></script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/plain" class="_iub_cs_activate" data-iub-purposes="5"> //<![CDATA[ (function(w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; var n = d.querySelector('[nonce]'); n && j.setAttribute('nonce', n.nonce || n.getAttribute('nonce')); f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-PJDQKV'); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/plain" class="_iub_cs_activate" data-iub-purposes="5"> //<![CDATA[ (function(l,e,a,d,i,n,f,o){if(!l[i]){l.GlobalLeadinfoNamespace=l.GlobalLeadinfoNamespace||[]; l.GlobalLeadinfoNamespace.push(i);l[i]=function(){(l[i].q=l[i].q||[]).push(arguments)};l[i].t=l[i].t||n; l[i].q=l[i].q||[];o=e.createElement(a);f=e.getElementsByTagName(a)[0];o.async=1;o.src=d;f.parentNode.insertBefore(o,f);} }(window,document,'script','https://cdn.leadinfo.eu/ping.js','leadinfo','LI-665876B09328F')); //]]> </script> <link rel="shortcut icon" href="/favicon.ico"> <link rel="icon" type="image/png" href="/favicon.png"> <link rel="apple-touch-icon" href="/touch-icon-iphone.png"> </head> <body> <div class="top_bar" id="alert_msg" style="display:none;"> <div class="alert-message warning top"> <button id="alert-msg-site-close-button" class="close">×</button> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ document.querySelector('#alert-msg-site-close-button').addEventListener("click", function() { hideAlertMsg(); return false; }); //]]> </script> </div> </div> <header class="iub-header"> <div class="bg-gray-4 text-sm text-light py-2"> <div id="headerContainer" class="container"> <div class="d-flex justify-content-between align-items-center"> <div class="d-flex align-items-center"> <div> <ul class="list-unstyled mb-0 d-flex align-items-center"> <li class="list-inline-item"> <div class="dropdown"> <button class="btn btn-sm btn-faded-05 text-light dropdown-toggle rounded" type="button" id="dropdown-language" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <i class="i-world mr-1 align-middle"></i><span>English</span> </button> <div class="lang_selector dropdown-menu" aria-labelledby="dropdown-language"> <a class="dropdown-item" data-locale="en" href="/en/help/5428-gdpr-guide" title="iubenda - privacy policy generator - English version">English </a> <a class="dropdown-item" data-locale="it" href="/it/help/5424-guida-gdpr" title="iubenda - generatore di privacy policy - versione italiana">Italiano </a> <a class="dropdown-item" data-locale="de" href="/de/help/24541-was-ist-die-dsgvo" title="iubenda - Datenschutzerklärung-Generator - Deutsche Version">Deutsch </a> <a class="dropdown-item" data-locale="es" href="/es/help/40350-que-es-el-rgpd-una-guia-completa-con-todo-lo-que-necesitas-saber-para-cumplir-la-ley" title="iubenda - generador de políticas de privacidad - versión en español">Español </a> <a class="dropdown-item" data-locale="fr" href="/fr/help/46189-quest-ce-que-le-rgpd-un-guide-complet-sur-tout-ce-que-vous-devez-savoir-pour-vous-mettre-en-conformite" title="iubenda - générateur de politique de confidentialité - version française">Français </a> <a class="dropdown-item" data-locale="pt-BR" href="/pt-br/help/43925-o-que-e-o-gdpr-um-guia-completo-sobre-tudo-o-que-voce-saber-para-estar-em-conformidade" title="iubenda - gerador de política de privacidade - versão em português">Português (BR) </a> <a class="dropdown-item" data-locale="nl" href="/nl/help/67151-wat-is-de-avg-alles-wat-je-moet-weten-om-je-aan-de-regels-te-houden" title="iubenda - privacybeleid-generator - Nederlandstalige versie">Nederlands </a> <a class="dropdown-item" data-locale="da" href="/da/help/128232-hvad-er-gdpr-en-komplet-vejledning-om-alt-hvad-du-skal-vide-for-at-overholde" title="iubenda – generator af privatlivspolitik – Dansk version">Dansk </a> <a class="dropdown-item" data-locale="pt" href="/pt/help/136435-o-que-e-o-rgpd-um-guia-completo-sobre-tudo-o-que-precisa-de-saber-para-cumprir-os-requisitos-legais" title="iubenda - gerador de política de privacidade - versão em português">Português </a> </div> </div> </li> <li class="list-inline-item d-none d-lg-flex"> <span class="unread-wrap flex-shrink"></span> </li> </ul> </div> <div id="appcues-launchpad"></div> </div> <div class="text-right"> <ul class="list-unstyled mb-0 d-flex align-items-center"> <li class="list-inline-item mr-2"><a data-lightbox=true href="/en/login?ref=header">Login</a></li> <li class="list-inline-item"><a data-lightbox=true href="/en/signup" class="btn btn-sm btn-dark text-white js-header-signup-button">Sign up</a></li> </ul> </div> </div> </div> </div> <div class="bg-white"> <div class="container"> <div class="row justify-content-between pt-3 pb-3"> <div class="col-8 d-block d-lg-flex"> <a href="/en/" class="d-inline-block mr-5"> <img width="92" height="33" alt="Iubenda logo" data-lazy-src="/assets/site/general/logo-bfafd02b1fe7dcf519f04f8f0a03c74573d4e051c3a18ae9aa39bdf0cb2b9ec6.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="92" height="33" alt="Iubenda logo" src="/assets/site/general/logo-bfafd02b1fe7dcf519f04f8f0a03c74573d4e051c3a18ae9aa39bdf0cb2b9ec6.svg" /> </noscript> </a> <ul class="d-block d-lg-flex list-unstyled mb-0 d-inline-block mainmenu" id="mainMenu" itemscope itemtype="http://schema.org/SiteNavigationElement"> <li class="align-self-center has-nav"> <span class="lh-2 p-3">Products and services</span> <nav class="text-sm"> <div class="p-4"> <div class="mb-4"> <p class="serif text-light">A complete set of solutions to make your website or app compliant with the law, on multiple languages and legislations</p> <ul class="list-unstyled mb-0"> <li class="list-inline-item d-block d-md-inline-block mr-md-0 mb-md-2"> <a href="/en/overview" class="btn btn-sm btn-outline-primary d-block">Overview</a> </li> <li class="list-inline-item d-block d-md-inline-block mr-md-0 mb-md-2"> <a href="/en/pricing" class="btn btn-sm btn-outline-primary d-block">Pricing</a> </li> </ul> </div> <div class="row line-between-columns"> <div class="col-lg"> <div class="d-flex"> <div class="mr-3"> <img width="72" height="72" alt="Privacy Policy icon" data-lazy-src="/assets/site/products/privacy_policy-6641fa252acadc2d7bbbb2ba7a127e9765cacbbb50f11264df6bcb68e657e81c.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="72" height="72" alt="Privacy Policy icon" src="/assets/site/products/privacy_policy-6641fa252acadc2d7bbbb2ba7a127e9765cacbbb50f11264df6bcb68e657e81c.svg" /> </noscript> </div> <div> <div class="products_tags mb-3"> <div><i class="i-check mr-1 text-md"></i>For websites/apps</div> </div> <h4 class="text-sm mb-1"><a href="/en/privacy-and-cookie-policy-generator">Privacy and Cookie Policy Generator</a></h4> <div class="d-block d-lg-none"> <button role="link" class="btn btn-primary btn-sm text-white rarr js-redirect-button" data-url="/en/privacy-and-cookie-policy-generator">Explore</button> </div> <div class="d-none d-lg-block"> <p class="text-muted serif text-sm">Create your privacy and cookie policy in minutes.<br /><br /> Customizable from 2000+ clauses, available in 14 languages and automatically updated if the law changes, our generator allows you to create a legal document in minutes and seamlessly integrate it with your website or app.</p> <button role="link" class="btn btn-primary btn-sm text-white rarr js-redirect-button" data-url="/en/privacy-and-cookie-policy-generator">Explore</button> <ul class="list-unstyled mb-3 mt-3"> <li class="list-inline-item mr-2"><a href="/en/features#privacy-and-cookie-policy" class="link-underline line-highlight">Features</a></li> <li class="list-inline-item"><a href="/en/help/463-generate-privacy-policy" class="link-underline line-highlight">Documentation and guides</a></li> </ul> </div> </div> </div> </div> <div class="col-lg"> <div class="d-flex"> <div class="mr-3"> <img width="72" height="72" alt="Cookie Solution icon" data-lazy-src="/assets/site/products/cookie_solution-7c6de9a79e77ad5d6e4cc5bae39b4fc1ed83d7425fa260cb612ef4e86eec1493.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="72" height="72" alt="Cookie Solution icon" src="/assets/site/products/cookie_solution-7c6de9a79e77ad5d6e4cc5bae39b4fc1ed83d7425fa260cb612ef4e86eec1493.svg" /> </noscript> </div> <div > <div class="products_tags mb-3"> <div><i class="i-check mr-1 text-md"></i>For websites/apps</div> </div> <h4 class="text-sm mb-1"><a href="/en/cookie-solution">Privacy Controls and Cookie Solution</a></h4> <div class="d-block d-lg-none"> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/cookie-solution">Explore</button> </div> <div class="d-none d-lg-block"> <p class="text-muted serif text-sm">Manage consent preferences for the ePrivacy, GDPR, CPRA (CCPA amendment) and LGPD. Integrated with the IAB TCF and CCPA Compliance Framework.<br /><br /> Our solution allows you to display a fully customizable cookie banner/consent banner, collect cookie consent, implement prior blocking (including auto-blocking), set advertising preferences, and more.</p> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/cookie-solution">Explore</button> <ul class="list-unstyled mb-3 mt-3"> <li class="list-inline-item mr-2"><a href="/en/features#cookie-solution" class="link-underline line-highlight">Features</a></li> <li class="list-inline-item mr-2"><a href="/en/help/1177-cookie-solution-getting-started" class="link-underline line-highlight">Documentation and guides</a></li> </ul> </div> </div> </div> </div> <div class="col-lg"> <div class="d-flex"> <div class="mr-3"> <img width="72" height="72" alt="Terms and Conditions icon" data-lazy-src="/assets/site/products/terms_and_conditions-b2ecac04071503f53269125183052405bee78d8199cd799047bf382eaf79e6c3.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="72" height="72" alt="Terms and Conditions icon" src="/assets/site/products/terms_and_conditions-b2ecac04071503f53269125183052405bee78d8199cd799047bf382eaf79e6c3.svg" /> </noscript> </div> <div > <div class="products_tags mb-3"> <div><i class="i-check mr-1 text-md"></i>For websites/apps</div> </div> <h4 class="text-sm mb-1"><a href="/en/terms-and-conditions-generator">Terms and Conditions Generator</a></h4> <div class="d-block d-lg-none"> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/terms-and-conditions-generator">Explore</button> </div> <div class="d-none d-lg-block"> <p class="text-muted serif text-sm">Create your terms and conditions in minutes.<br /><br />Customizable from hundreds of combinations, available in 14 languages, powerful and precise — our solution is capable of handling even the most complex, individual scenarios. Optimized for e-commerce, marketplace, SaaS, apps and more.</p> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/terms-and-conditions-generator">Explore</button> <ul class="list-unstyled mb-3 mt-3"> <li class="list-inline-item mr-2"><a href="/en/features#terms-and-conditions" class="link-underline line-highlight">Features</a></li> <li class="list-inline-item mr-2"><a href="/en/help/19461-how-to-generate-terms-and-conditions" class="link-underline line-highlight">Documentation and guides</a></li> </ul> </div> </div> </div> </div> </div> </div> <hr class="m-0"> <div class="p-4"> <div class="row line-between-columns"> <div class="col-lg"> <div class="d-flex"> <div class="mr-3"> <img width="72" height="72" alt="Whistleblowing Management Tool icon" data-lazy-src="/assets/site/products/whistleblowing_management_tool-ac418c64cbbf6682be183ece94551a4d57d581829315827ab215e2b4e3bd1ed6.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="72" height="72" alt="Whistleblowing Management Tool icon" src="/assets/site/products/whistleblowing_management_tool-ac418c64cbbf6682be183ece94551a4d57d581829315827ab215e2b4e3bd1ed6.svg" /> </noscript> </div> <div> <div class="products_tags mb-3"> <div><i class="i-check mr-1 text-md"></i>For organizations</div> </div> <h4 class="text-sm mb-1"><a href="/en/whistleblowing-management-tool">Whistleblowing Management Tool</a></h4> <div class="d-block d-lg-none"> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/whistleblowing-management-tool">Explore</button> </div> <div class="d-none d-lg-block"> <p class="text-muted serif text-sm">Provide an easy-to-use internal reporting channel as required by the EU Whistleblower Directive for organizations with 50+ employees. Instantly generate your forms to embed or print. <br><br> Collect and manage whistleblower reports from employees and other individuals connected to your organization while safeguarding their identities and ensuring confidentiality. Tailored for EU businesses and global organizations dedicated to ethical transparency.</p> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/whistleblowing-management-tool">Explore</button> <ul class="list-unstyled mb-3 mt-3"> <li class="list-inline-item mr-2"><a href="/en/features#whistleblower" class="link-underline line-highlight">Features</a></li> <li class="list-inline-item"><a href="https://www.iubenda.com/en/help/141269-eu-whistleblower-directive-guide-iubenda-tool" class="link-underline line-highlight">Documentation and guides</a></li> </ul> </div> </div> </div> </div> <div class="col-lg"> <div class="d-flex"> <div class="mr-3"> <img width="72" height="72" alt="Consent Solution icon" data-lazy-src="/assets/site/products/consent_solution-aa3b8ec9c422f9c7b1c30bf3ec445232ea3c36df666784b2add0329bf1dcc1bf.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="72" height="72" alt="Consent Solution icon" src="/assets/site/products/consent_solution-aa3b8ec9c422f9c7b1c30bf3ec445232ea3c36df666784b2add0329bf1dcc1bf.svg" /> </noscript> </div> <div> <div class="products_tags mb-3"> <div class="mb-1"><i class="i-check mr-1 text-md"></i>For websites/apps</div> <div><i class="i-check mr-1 text-md"></i>For organizations</div> </div> <h4 class="text-sm mb-1"><a href="/en/consent-solution">Consent Database</a></h4> <div class="d-block d-lg-none"> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/consent-solution">Explore</button> </div> <div class="d-none d-lg-block"> <p class="text-muted serif text-sm">Collect GDPR & LGPD consent, document opt-ins and <a href="/en/help/19133#right-to-opt-out" class="link-underline text-dark">CPRA (CCPA amendment) opt-outs</a> via your web forms.<br /><br /> Our solution smoothly integrates with your consent collection forms, syncs with your legal documents and includes a user-friendly dashboard for reviewing consent records of your activities.</p> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/consent-solution">Explore</button> <ul class="list-unstyled mb-3 mt-3"> <li class="list-inline-item mr-2"><a href="/en/features#consent-solution" class="link-underline line-highlight">Features</a></li> <li class="list-inline-item"><a href="/en/help/6469-consent-solution-getting-started" class="link-underline line-highlight">Documentation and guides</a></li> </ul> </div> </div> </div> </div> <div class="col-lg"> <div class="d-flex"> <div class="mr-3"> <img width="72" height="72" alt="IPM icon" data-lazy-src="/images/site/products/ipm.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img width="72" height="72" alt="IPM icon" src="/images/site/products/ipm.svg" /> </noscript> </div> <div > <div class="products_tags mb-3"> <div class="mb-1"><i class="i-check mr-1 text-md"></i>For websites/apps</div> <div><i class="i-check mr-1 text-md"></i>For organizations</div> </div> <h4 class="text-sm mb-1"><a href="/en/internal-privacy-management">Register of Data Processing Activities</a></h4> <div class="d-block d-lg-none"> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/internal-privacy-management">Explore</button> </div> <div class="d-none d-lg-block"> <p class="text-muted serif text-sm">Document all the data processing activity within your organization.<br /><br /> To comply with privacy laws, and particularly the GDPR, companies need to record how they store and use the data they collect from their users. Our solution allows you to easily document all the data processing activities within your organization.</p> <button class="btn btn-primary btn-sm text-white rarr js-redirect-button" role="link" data-url="/en/internal-privacy-management">Explore</button> <ul class="list-unstyled mb-3 mt-3"> <li class="list-inline-item mr-2"><a href="/en/features#internal-privacy-management" class="link-underline line-highlight">Features</a></li> <li class="list-inline-item"><a href="/en/help/6311-internal-privacy-management-getting-started" class="link-underline line-highlight">Documentation and guides</a></li> </ul> </div> </div> </div> </div> </div> </div> <div class="p-2 bg-faded-5-gray text-dark" style="border-top: 1px solid rgba(0,0,0,0.1)"> <div class="d-block d-lg-flex align-items-center justify-content-between text-md"> <div class="col-lg"> Not sure what you need? <a href="/en/help/5463" class="rarr link-underline line-highlight line-light-blue text-secondary"> Getting started guide </a> </div> <div class="col-lg text-right"> <a href="https://www.iubenda.com/blog/" class="btn btn-dark-gray text-dark d-block d-md-inline-block mb-2 mb-lg-0">Blog</a> <a href="mailto:info@iubenda.com" data-elevio-module="2" data-elevio-style="nothing" class="btn btn-dark-gray text-dark d-block d-md-inline-block">Contact us</a> </div> </div> </div> </nav> </li> <li class="align-self-center has-nav"> <a class="pricing-link" href="/en/pricing"><span class="lh-2 p-3">Pricing</span></a> </li> <li class="align-self-center has-nav"> <span class="lh-2 p-3">iubenda for...</span> <nav class="text-sm sm"> <div class="p-4 overflow-auto"> <div class="mb-4"> <h3 class="text-lg">Use cases</h3> <p class="serif text-light">Some of the ways you can use iubenda</p> <ul class="list-unstyled mb-3 mt-3 text-nowrap"> <li> <a href="/en/us-privacy-law-compliance" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for the US </a> </li> <li> <a href="/en/gdpr" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for GDPR </a> </li> <li> <a href="/en/fadp" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for FADP </a> </li> <li> <a href="/en/lgpd" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for LGPD </a> </li> <li> <a href="/en/mobile" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for mobile apps </a> </li> <li> <a href="/en/facebook" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Facebook apps </a> </li> <li> <a href="/en/partner-program" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Agencies </a> </li> <li> <a href="/en/enterprise" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Enterprise companies </a> </li> <li> <a href="https://www.iubenda.com/en/help/149409-join-the-iubenda-affiliate-program" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Affiliates </a> </li> <li> <a href="https://www.iubenda.com/en/help/132915-iubenda-for-publishers" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Publishers </a> </li> <li> <a href="/en/google-consent-mode-v2-certified-cmp" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Google Consent Mode </a> </li> <li> <a href="https://www.iubenda.com/en/help/139694-rejection-recovery-boost-consent-rates" class="link-underline line-highlight line-green text-green-dark rarr"> iubenda for Consent optimization </a> </li> </ul> </div> </div> </nav> </li> </ul> </div> <div class="col text-right"> <a href="/en/start-generating?wizard=true" data-has-close-button="true" data-close-on-click="false" class="btn btn-primary text-white d-none d-lg-inline-block lightbox"> Start generating </a> <div id="hamburgerButton" class="hamburger d-inline-block d-lg-none"> <span></span> <span></span> <span></span> </div> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ $('#hamburgerButton').on('click', function () { $(this).toggleClass('active'); $('#mainMenu').toggleClass('show'); }); //]]> </script> </div> </div> </div> </div> </header> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ $(document).ready(function() { $('#headerContainer').find('[data-toggle="tooltip"]').tooltip() $('#team-select-mobile, #team-select-desktop').on('change', function() { var switchPath = $(this).val(); $.post(switchPath, {}, function(response) { window.location = response.redirect_url; }); }); $('.select-team').on('click', function(e) { // avoid triggering the toggle of the parent dropdown e.stopPropagation(); }); document.querySelectorAll('.js-redirect-button').forEach(function(button) { button.addEventListener('click', function() { window.location.href = button.getAttribute('data-url'); }); }); }); //]]> </script><script src="/assets/site/dropdown_component-4701934910eeccad9109.js" nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"></script> <style type="text/css"> /* Prettify */ .com { color: #93a1a1; } .lit { color: #195f91; } .pun, .opn, .clo { color: #93a1a1; } .fun { color: #dc322f; } .str, .atv { color: #268bd2; } .kwd, .tag { color: #195f91; } .typ, .atn, .dec, .var { color: #CB4B16; } .pln { color: #93a1a1; } pre.prettyprint { background: #fefbf3; /* padding: 9px; border: 1px solid rgba(0,0,0,.2); -webkit-box-shadow: 0 1px 2px rgba(0,0,0,.1); -moz-box-shadow: 0 1px 2px rgba(0,0,0,.1); box-shadow: 0 1px 2px rgba(0,0,0,.1); max-width: 630px; font-size: 12px; */ border:0; margin: 2rem auto; width: 90%; box-shadow: 0 16px 32px rgba(0,0,0,0.1); border-radius: 6px; padding: 1rem; background-color: rgba(255, 222, 171, 0.16); } .help_page .post_body pre.prettyprint ol li { font-size: 12px; } /* Specify class=linenums on a pre to get line numbering */ ol.linenums { margin: 0 0 0 0; } /* IE indents via margin-left */ ol.linenums li { color: rgba(0,0,0,.15)} /* Alternate shading for lines */ .prettyprint li, .help_page .post_body .prettyprint li { padding-bottom: 0 } li.L1, li.L3, li.L5, li.L7, li.L9 { background: rgba(238, 238, 238, 0.26); } li.L0, li.L1, li.L2, li.L3, li.L5, li.L6, li.L7, li.L8 { list-style-type: decimal !important } .gist { max-width: 650px; } #activate-ai-search { text-decoration: underline; } </style> <section class="mt-5 mb-5 help-tpl__header"> <div class="container"> <section class="mb-5"> <h2 class="text-xl mb-3">Documentation</h2> <nav class="breadcrumb d-none d-lg-block"> <a class="breadcrumb-item" href="/">Home</a> <span class="breadcrumb-item active">Documentation</span> </nav> </section> <div class="mb-5"> <div class="clearfix"> <div class="float-right ml-3"> <button class="st-default-search-btn btn btn-dark-gray px-3">Search</button> </div> <div class="oh"> <input type="text" class="w-100 st-default-search-input" placeholder="Search the documentation..."> </div> </div> <div class="mt-3 text-center"> <a href="#" id="activate-ai-search" class="invisible"> Try our new AI assistant -> </a> </div> </div> </div> </section> <section class="mt-5 mb-5 help-tpl__body"> <div class="container"> <div class="row gutter-lg"> <div class="col-lg-3 text-sm doc_aside help-tpl__side-menu" data-swiftype-index="false"> <div class="help_main_menu mb-4"> <div class="mb-3 d-block d-lg-none"> <button class="btn btn-sm btn-outline-light px-4 btn-aside">Hide index</button> </div> <nav> <ul> <li class="has_child category-title 5220"> Getting Started <ul> <li class="5463"> <a href="/en/help/5463-how-to-comply-with-the-gdpr-cookie-law-caloppa-and-ccpa-cpra">Getting Started Guide</a> </li> <li class="5428"> <a href="/en/help/5428-gdpr-guide">Complete guide to the GDPR</a> </li> <li class="separator 17976"> </li> <li class="category-title 17975"> <strong>Compliance for:</strong> </li> <li class="17366"> <a href="/en/help/17366-laws-regulations-every-blogger-should-know">Simple Websites / Blogs</a> </li> <li class="17754"> <a href="/en/help/17754-laws-regulations-every-ecommerce-owner-should-know">E-commerce Websites</a> </li> <li class="14787"> <a href="/en/help/14787-laws-regulations-every-app-developer-should-know">App Developers</a> </li> <li class="20713"> <a href="/en/help/20713-individual-services">Individual Services</a> </li> </ul> </li> <li class="active has_child category-title 5135"> Legal Requirements <ul> <li class="5720"> <a href="/en/help/5720-legal-requirements-overview">Legal Requirements Overview</a> </li> <li class="524"> <a href="/en/help/524-how-to-determine-your-law-of-reference">How to Determine Your Law of Reference</a> </li> <li class="6187"> <a href="/en/help/6187-what-should-be-in-a-privacy-policy">What is a Privacy Policy and Do You Need One?</a> </li> <li class="7816"> <a href="/en/help/7816-impressum-what-is-it-and-when-is-it-needed">Impressum: What Is It and When Is It Needed</a> </li> <li class="active has_child category-title 6835"> Main Legislations <ul> <li class="category-title 5234"> <strong>GDPR</strong> </li> <li class="active 5428"> <a href="/en/help/5428-gdpr-guide">Complete guide to the GDPR</a> </li> <li class="6738"> <a href="/en/help/6738-gdpr-offline-compliance-duties">GDPR Offline Compliance Duties</a> </li> <li class="66232"> <a href="/en/help/66232-third-party-vs-data-processor">Third party vs Data Processor</a> </li> <li class="26171"> <a href="/en/help/26171-web-agency-responsibilities-gdpr">Web agency’s responsibilities according to the GDPR</a> </li> <li class="5858"> <a href="/en/help/5858-switch-privacy-policy-options">Picking the Right Privacy Policy Options</a> </li> <li class="25229"> <a href="/en/help/25229-gdpr-treatment-of-services-that-do-not-collect-personal-data">GDPR treatment of services that do not collect personal data</a> </li> <li class="7399"> <a href="/en/help/7399-right-to-be-forgotten">How to Prove You Honored the Right to Be Forgotten</a> </li> <li class="3272"> <a href="/en/help/3272-eu-us-data-privacy-framework-certification-integration">EU-US Data Privacy Framework: How Can iubenda Help</a> </li> <li class="65844"> <a href="/en/help/65844-eu-us-trans-atlantic-data-privacy-framework">Green Light for the Data Privacy Framework: EU to US Personal Data Transfers Now Approved </a> </li> <li class="145851"> <a href="/en/help/145851-a-detailed-look-at-the-eu-ai-act">A Detailed Look at the EU AI Act</a> </li> <li class="71983"> <a href="/en/help/71983-uk-gdpr-post-brexit-updates">UK GDPR Post Brexit Updates</a> </li> <li class="73808"> <a href="/en/help/73808-uk-data-reform-bill-and-ai-regulation">UK Data Reform Bill and AI Regulation</a> </li> <li class="74228"> <a href="/en/help/74228-right-to-be-forgotten-and-iubendas-consent-solution">The Right to be Forgotten and iubenda’s Consent Database</a> </li> <li class="78656"> <a href="/en/help/78656-consent-vs-legitimate-interest">Consent vs. Legitimate interest: what’s the difference?</a> </li> <li class="separator 17455"> </li> <li class="category-title 6838"> <strong>Cookie Law / ePrivacy</strong> </li> <li class="5525"> <a href="/en/help/5525-cookies-gdpr-requirements">Cookies and the GDPR: What’s Really Required?</a> </li> <li class="64227"> <a href="/en/help/64227-what-are-trackers">What are trackers?</a> </li> <li class="6293"> <a href="/en/help/6293-cookie-consent-management-faq">Manage Cookie Consent Easily</a> </li> <li class="124203"> <a href="/en/help/124203-cookie-policy-do-you-need-one-heres-everything-you-need-to-know">Cookie Policy – Everything you need to know</a> </li> <li class="7515"> <a href="/en/help/7515-which-data-can-be-safely-stored-in-cookies-without-having-to-request-consent">Which Data Can Be Safely Stored in Cookies Without Having to Request Consent?</a> </li> <li class="24487"> <a href="/en/help/24487-cookie-walls-gdpr">Is the use of a cookie wall allowed in European Countries?</a> </li> <li class="6282"> <a href="/en/help/6282-legal-sources-third-party-cookie-names-opt-out-requirements">Legal Sources on Third-Party Cookie Names and Opt-Out Mechanisms</a> </li> <li class="31246"> <a href="/en/help/31246-italy-new-cookie-rules">Italy’s new cookie guidelines (and how to comply)</a> </li> <li class="separator 19148"> </li> <li class="category-title 19149"> <strong>US State Laws</strong> </li> <li class="111288"> <a href="/en/help/111288-us-state-privacy-laws-overview">US State Privacy Laws Overview</a> </li> <li class="19133"> <a href="/en/help/19133-ccpa-compliance-guide">Complete guide to the CCPA</a> </li> <li class="22574"> <a href="/en/help/22574-guide-to-the-ccpa-concept-of-sale">An In-depth Look at the CCPA Concept of Sale</a> </li> <li class="109571"> <a href="/en/help/109571-ccpa-toll-free-number-requirement">CCPA toll-free number requirement</a> </li> <li class="73819"> <a href="/en/help/73819-cpra-intro-to-the-ccpa-2-0-and-how-it-affects-you">CPRA: Intro to the CCPA 2.0 and how it affects you</a> </li> <li class="106345"> <a href="/en/help/106345-virginia-consumer-data-protection-act-vcdpa">Virginia Consumer Data Protection Act (VCDPA)</a> </li> <li class="107739"> <a href="/en/help/107739-colorado-privacy-act-cpa">Colorado Privacy Act (CPA)</a> </li> <li class="107774"> <a href="/en/help/107774-utah-consumer-privacy-act-the-ucpa">Utah Consumer Privacy Act (the UCPA)</a> </li> <li class="107759"> <a href="/en/help/107759-connecticut-data-privacy-act-ctdpa">Connecticut Data Privacy Act (CTDPA)</a> </li> <li class="separator 17456"> </li> <li class="category-title 17437"> <strong>CalOPPA and COPPA</strong> </li> <li class="168026"> <a href="/en/help/168026-what-is-coppa">What is COPPA? An In-Depth Guide to the Children’s Online Privacy Protection Act</a> </li> <li class="6841"> <a href="https://www.iubenda.com/blog/guide-coppa-mobile-apps/">COPPA and Mobile Apps</a> </li> <li class="separator 17457"> </li> <li class="category-title 26861"> <strong>LGPD</strong> </li> <li class="26706"> <a href="/en/help/26706-lgpd-guide">Complete guide to the LGPD</a> </li> <li class="104366"> <a href="/en/help/104366-brazil-new-cookie-requirements">Brazil: New Cookie Requirements</a> </li> <li class="110776"> <a href="/en/help/110776-brazil-cookie-requirement-cheatsheet">Brazil Cookie Requirement Cheatsheet</a> </li> <li class="27616"> <a href="/en/help/27616-lgpd-privacy-policy-example">LGPD Privacy Policy Example</a> </li> <li class="separator 26860"> </li> <li class="category-title 146111"> <strong>Whistleblowing</strong> </li> <li class="142962"> <a href="/en/help/142962-understanding-the-basics-of-whistleblowing">Understanding the Basics of Whistleblowing</a> </li> <li class="143589"> <a href="/en/help/143589-navigating-whistleblowing-laws-an-international-overview">Navigating Whistleblowing Laws: An International Overview</a> </li> <li class="144294"> <a href="/en/help/144294-how-to-implement-whistleblower-protections-in-your-organization">How to Implement Whistleblower Protections in Your Organization</a> </li> <li class="separator 146112"> </li> <li class="category-title 17438"> <strong>Other Legislations</strong> </li> <li class="13856"> <a href="/en/help/13856-privacy-policies-and-australian-law">Privacy Policies and Australian Law</a> </li> <li class="75419"> <a href="/en/help/75419-fadp-updates-what-you-need-to-know">FADP Updates – What You Need to Know</a> </li> </ul> </li> <li class="has_child category-title 5237"> Common Scenarios <ul> <li class="category-title 17443"> <strong>Blogs and Websites</strong> </li> <li class="8385"> <a href="/en/help/8385-gdpr-for-bloggers">How to Make Your Site Compliant (for Bloggers and Web Publishers)</a> </li> <li class="11028"> <a href="/en/help/11028-wordpress-gdpr-compliance">How to Comply with the GDPR on a WordPress Site</a> </li> <li class="78016"> <a href="/en/help/78016-how-to-handle-data-privacy-complaints-your-5-step-guide">How to Handle Data Privacy Complaints | Your 5-Step guide</a> </li> <li class="separator 17458"> </li> <li class="category-title 25888"> <strong>E-commerce</strong> </li> <li class="25877"> <a href="/en/help/25877-terms-conditions-ecommerce-stores">Terms and Conditions for eCommerce (and how they protect your online store)</a> </li> <li class="separator 25886"> </li> <li class="category-title 6842"> <strong>Emails and Newsletters</strong> </li> <li class="5640"> <a href="/en/help/5640-email-newsletter-compliance-guide">How to Make your Emails and Newsletter Compliant (with Form Examples)</a> </li> <li class="4315"> <a href="/en/help/4315-eprivacy-direct-email-marketing">ePrivacy and Direct Email Marketing (DEM)</a> </li> <li class="6192"> <a href="/en/help/6192-opt-in-opt-out">Opt-In vs Opt-Out: What’s the Difference?</a> </li> <li class="13638"> <a href="/en/help/13638-privacy-policy-gdpr-forms-and-consent-collection-for-mailchimp">Privacy policy, GDPR forms and consent collection for Mailchimp</a> </li> <li class="39705"> <a href="/en/help/39705-global-email-marketing-cheatsheet">Global Email Marketing Cheatsheet</a> </li> <li class="separator 17459"> </li> <li class="category-title 6840"> <strong>Apps</strong> </li> <li class="147125"> <a href="/en/help/147125-app-privacy-policy-what-you-need-to-know-examples">App Privacy Policy: What you Need to Know + Examples</a> </li> <li class="401"> <a href="/en/help/401-privacy-policy-for-ios-and-macos-apps">Privacy Policy for iOS and macOS Apps</a> </li> <li class="11552"> <a href="/en/help/11552-privacy-policy-for-android-apps">Privacy Policy for Your Android App</a> </li> <li class="38933"> <a href="/en/help/38933-google-play-new-safety-section">Google Play adds new “safety section” to make data collection more transparent</a> </li> <li class="39254"> <a href="/en/help/39254-privacy-policy-for-windows-apps">Privacy Policy for Windows Apps</a> </li> <li class="1353"> <a href="/en/help/1353-cookies-mobile-apps">Cookies and Mobile Apps</a> </li> <li class="separator 24789"> </li> <li class="category-title 24788"> <strong>Facebook Pages and Apps</strong> </li> <li class="22930"> <a href="/en/help/22930-privacy-policy-facebook-page">Privacy Policy for Facebook Pages</a> </li> <li class="13561"> <a href="/en/help/13561-privacy-policy-for-facebook-apps">Privacy Policy for Facebook Apps</a> </li> <li class="separator 17460"> </li> <li class="category-title 17442"> <strong>Children</strong> </li> <li class="5717"> <a href="/en/help/5717-legal-requirements-websites-apps-children">Legal Requirements for Websites and Apps Used by Children</a> </li> <li class="11429"> <a href="/en/help/11429-minors-and-the-gdpr">Minors and the GDPR</a> </li> <li class="separator 17461"> </li> <li class="category-title 17444"> <strong>Multi-lingual Websites and Apps</strong> </li> <li class="539"> <a href="/en/help/539-privacy-policy-different-languages">When Do You Need a Privacy Policy in Different Languages</a> </li> <li class="separator 17462"> </li> <li class="category-title 14005"> <strong>Ads and Affiliate Programs</strong> </li> <li class="12047"> <a href="/en/help/12047-privacy-policy-for-google-adsense">Privacy Policy for Google AdSense</a> </li> <li class="12079"> <a href="/en/help/12079-privacy-policy-for-google-ads-remarketing">Privacy Policy for Google Ads Remarketing</a> </li> <li class="17620"> <a href="/en/help/16041">How to Collect Consent for Google Ad Personalization</a> </li> <li class="12158"> <a href="/en/help/12158-privacy-policy-facebook-lead-ads">Privacy Policy for Facebook Lead Ads</a> </li> <li class="13990"> <a href="/en/help/13990-amazon-affiliate-program-required-privacy-policy-additions">Amazon Affiliate Program</a> </li> <li class="separator 17463"> </li> <li class="category-title 6844"> <strong>Analytics and Other Google Services</strong> </li> <li class="72017"> <a href="/en/help/72017-is-google-analytics-illegal-in-the-eu-and-uk">Is Google Analytics illegal in the EU and UK?</a> </li> <li class="72356"> <a href="/en/help/72356-google-analytics-4-all-you-need-to-know">Google Analytics 4 – all you need to know</a> </li> <li class="11994"> <a href="/en/help/11994-privacy-policy-for-google-analytics">Privacy Policy for Google Analytics</a> </li> <li class="1184"> <a href="/en/help/1184-how-to-anonymize-ip-addresses-and-avoid-the-cross-referencing-of-data-in-google-analytics">How to Anonymize IP Addresses and Avoid the Cross-Referencing of Data in Google Analytics</a> </li> <li class="7227"> <a href="/en/help/7227-google-analytics-gdpr-monitoring-behavior">Google Analytics and the GDPR: Is It Considered Monitoring Behavior?</a> </li> <li class="12379"> <a href="/en/help/12379-privacy-policy-google-analytics-advertising-remarketing">Privacy Policy for Google Analytics Advertising and Remarketing Features</a> </li> <li class="18852"> <a href="/en/help/18852-privacy-policy-google-oauth">Privacy Policy for Google OAuth</a> </li> <li class="14936"> <a href="/en/help/14936-place-of-processing-customisation-for-google-services">Place of Processing Customisation for Google Services</a> </li> <li class="142541"> <a href="/en/help/142541-google-ads-consent-mode">Google Ads Consent Mode – Everything You Need To Know</a> </li> <li class="separator 146117"> </li> <li class="category-title 146116"> <strong>Workplace</strong> </li> <li class="144878"> <a href="/en/help/144878-how-technology-helps-businesses-build-effective-whistleblowing-systems">How Technology Helps Businesses Build Effective Whistleblowing Systems</a> </li> <li class="143344"> <a href="/en/help/143344-whistleblowing-reporting-process-in-the-workplace">The A-Z of Whistleblowing Reporting Process in the Workplace</a> </li> <li class="143363"> <a href="/en/help/143363-how-organizations-should-handle-whistleblowing-reports">Managing Whistleblowing: How Organizations Should Handle Reports</a> </li> <li class="142946"> <a href="/en/help/142946-whistleblowing-education-in-the-workplace">Whistleblowing 101: A Guide to Whistleblowing Education in the Workplace</a> </li> <li class="142908"> <a href="/en/help/142908-ethics-at-work-crafting-a-supportive-whistleblowing-culture">Ethics at Work: Crafting a Supportive Whistleblowing Culture</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 5222"> Privacy and Cookie Policy Generator <ul> <li class="has_child category-title 5223"> Creating Your Policy <ul> <li class="category-title 17502"> <strong>Generating</strong> </li> <li class="463"> <a href="/en/help/463-generate-privacy-policy">How to Create a Privacy Policy</a> </li> <li class="1175"> <a href="/en/help/1175-generate-cookie-policy">How to Generate a Cookie Policy</a> </li> <li class="25434"> <a href="/en/help/25434-cookie-lifetime">How to Display the Cookie Lifetime in Your Cookie Policy</a> </li> <li class="5853"> <a href="/en/help/5853-gdpr-protections-users">How to Apply GDPR Protections Only to EU Users or to All Users</a> </li> <li class="21474"> <a href="/en/help/21474-how-to-apply-state-specific-us-standards-within-the-generator">How to Apply State-Specific US Standards within the Generator</a> </li> <li class="separator 17511"> </li> <li class="category-title 17503"> <strong>Adding Services</strong> </li> <li class="20"> <a href="/en/help/20-services-privacy-policy">How to Add Services to Your Privacy Policy</a> </li> <li class="19004"> <a href="/en/help/19004-how-to-use-the-site-scanner-from-within-the-generator">Using the Site Scanner to Identify Missing Services</a> </li> <li class="386"> <a href="/en/help/386-how-to-add-a-custom-service-and-customize-to-your-needs">How to Add a Custom Service and Customize to Your Needs</a> </li> <li class="separator 17510"> </li> <li class="category-title 17504"> <strong>Adding Owner Details</strong> </li> <li class="7850"> <a href="/en/help/7850-what-is-meant-by-the-identifiying-details-of-the-data-controller">What is meant by the identifying details of the Data Controller</a> </li> <li class="3486"> <a href="/en/help/3486-the-owner-field-within-the-generator">The Owner Field Within the Generator</a> </li> <li class="separator 17509"> </li> <li class="category-title 17505"> <strong>Languages</strong> </li> <li class="137"> <a href="/en/help/137-add-language">How to Add Another Language to Your Documents</a> </li> </ul> </li> <li class="has_child category-title 17500"> Editing/Updating Your Policy <ul> <li class="2739"> <a href="/en/help/2739-edit-privacy-policy">How to Edit a Privacy Policy</a> </li> <li class="3810"> <a href="/en/help/3810-how-to-delete-a-privacy-policy">How to Delete a Privacy Policy</a> </li> <li class="68865"> <a href="/en/help/68865-how-to-duplicate-an-existing-site">How to duplicate an existing site</a> </li> <li class="separator 17508"> </li> <li class="category-title 17506"> <strong>iubenda Branding</strong> </li> <li class="166"> <a href="/en/help/166-remove-iubenda-branding">How to Remove iubenda Branding</a> </li> <li class="2848"> <a href="/en/help/2848-remove-iubenda-disclaimer">Can I Remove the "iubenda hosts this page" Disclaimer</a> </li> <li class="separator 5235"> </li> <li class="category-title 17507"> <strong>Advanced Settings</strong> </li> <li class="4158"> <a href="/en/help/4158-force-update">How to Force Update & Change the “Last updated” Date Information</a> </li> <li class="4825"> <a href="/en/help/4825-customize-this-application">Customize the Way Your Website or App Is Referred To in Your Privacy Policy</a> </li> <li class="11072"> <a href="/en/help/11072-customize-privacy-and-cookie-policy-internal-links">Customize Privacy and Cookie Policy Internal Links</a> </li> </ul> </li> <li class="has_child category-title 5224"> Embedding Your Policy <ul> <li class="category-title 17512"> <strong>General</strong> </li> <li class="231"> <a href="/en/help/231-ways-to-use-iubenda-privacy-policy-on-your-site-and-app">Ways to Use iubenda’s Privacy Policy on Your Site and App</a> </li> <li class="216"> <a href="/en/help/216-privacy-policy-standard-embedding">Standard Embedding</a> </li> <li class="228"> <a href="/en/help/228-privacy-policy-direct-link">Direct Link</a> </li> <li class="78"> <a href="/en/help/78-privacy-policy-direct-text-embedding-api">Direct Text Embedding via JS or API</a> </li> <li class="5339"> <a href="/en/help/5339-behavior-of-iubenda-embedding-options-when-javascript-is-disabled">Behavior of iubenda Embedding Options When JavaScript Is Disabled</a> </li> <li class="separator 17517"> </li> <li class="category-title 17513"> <strong>Apps</strong> </li> <li class="17838"> <a href="/en/help/401">iOS and macOS</a> </li> <li class="1528"> <a href="/en/help/1528-privacy-policy-for-tvos-apps-apple-tv">tvOS (Apple TV)</a> </li> <li class="17837"> <a href="/en/help/11552">Android</a> </li> <li class="3744"> <a href="/en/help/3744-how-to-add-android-and-ios-mobile-permissions-for-device-data">How to Add Android and iOS Mobile Permissions for Device Data</a> </li> <li class="337"> <a href="/en/help/337-legal-documents-offline-viewing">Make Your Legal Documents Available for Offline Viewing</a> </li> <li class="separator 5253"> </li> <li class="category-title 17514"> <strong>Popular Platforms</strong> </li> <li class="100"> <a href="/en/help/100-how-to-add-your-privacy-policy-to-the-amazon-store">Amazon Store</a> </li> <li class="53052"> <a href="/en/help/53052-how-to-add-a-privacy-and-cookie-policy-on-bigcommerce">Bigcommerce</a> </li> <li class="1419"> <a href="/en/help/1419-how-to-use-iubenda-privacy-and-cookie-policy-on-a-epages-website">ePages</a> </li> <li class="53619"> <a href="/en/help/53619-how-to-add-a-privacy-policy-on-ghost">Ghost</a> </li> <li class="53326"> <a href="/en/help/53326-how-to-add-a-privacy-policy-on-hubspot">HubSpot</a> </li> <li class="3798"> <a href="/en/help/3798-how-to-use-iubenda-privacy-and-cookie-policy-on-a-jimdo-website">Jimdo</a> </li> <li class="546"> <a href="/en/help/546-how-to-use-iubenda-privacy-and-cookie-policy-on-a-joomla-website">Joomla!</a> </li> <li class="567"> <a href="/en/help/567-how-to-use-iubenda-privacy-and-cookie-policy-on-a-magento-website">Magento</a> </li> <li class="3592"> <a href="/en/help/3592-how-to-add-matomo-clauses-to-iubendas-privacy-and-cookie-policy">Matomo (Formerly Piwik)</a> </li> <li class="1502"> <a href="/en/help/1502-how-to-use-iubenda-privacy-and-cookie-policy-on-a-prestashop-website">PrestaShop</a> </li> <li class="3796"> <a href="/en/help/3796-shopify-privacy-policy">Shopify</a> </li> <li class="12794"> <a href="/en/help/12794-squarespace-privacy-policy">Squarespace</a> </li> <li class="26324"> <a href="/en/help/26324-privacy-policy-ucraft">Ucraft</a> </li> <li class="18524"> <a href="/en/help/18524-privacy-policy-webflow">Webflow</a> </li> <li class="53504"> <a href="/en/help/53504-how-to-add-a-privacy-policy-on-weebly">Weebly</a> </li> <li class="23080"> <a href="/en/help/23080-privacy-policy-wix">Wix</a> </li> <li class="370"> <a href="/en/help/370-how-to-use-iubenda-privacy-and-cookie-policy-on-a-wordpress-website">WordPress</a> </li> <li class="3905"> <a href="/en/help/3905-how-to-use-iubenda-privacy-and-cookie-policy-on-wordpress-com">WordPress.com</a> </li> <li class="separator 19583"> </li> <li class="category-title 19584"> <strong>Advanced</strong> </li> <li class="12260"> <a href="/en/help/12260-how-to-configure-content-security-policy-to-allow-iubenda-scripts-to-execute">How to Configure your Content Security Policy for iubenda</a> </li> </ul> </li> <li class="has_child category-title 5832"> Troubleshooting and FAQs <ul> <li class="304"> <a href="/en/help/304-how-to-use-the-iubenda-dashboard">How to Access the iubenda Dashboard</a> </li> <li class="3803"> <a href="/en/help/3803-must-i-repeat-the-process-of-adding-services-for-every-language-in-which-i-generate-the-policy">Must I Repeat the Process of Adding Services for Every Language in Which I Generate the Policy?</a> </li> <li class="3953"> <a href="/en/help/3953-how-to-honor-and-include-a-do-not-track-clause-in-the-privacy-policy">How to Honor and Include a “Do Not Track” Clause in the Privacy Policy</a> </li> <li class="3025"> <a href="/en/help/3025-what-is-the-difference-between-the-privacy-and-cookies-policy-generator-and-the-cookie-solution">What Is the Difference Between the Privacy and Cookie Policy Generator and the Privacy Controls and Cookie Solution?</a> </li> <li class="2824"> <a href="/en/help/2824-what-is-the-difference-between-the-integration-of-the-privacy-policy-and-the-one-of-the-cookie-solution">What’s the Difference Between the Integration of the Privacy Policy and Cookie Solution?</a> </li> <li class="438"> <a href="/en/help/438-which-countries-is-your-privacy-policy-good-for">Which Countries Is Your Privacy Policy Good For?</a> </li> <li class="407"> <a href="/en/help/407-copy-and-paste">Can I Copy and Paste the Privacy Policy's Text into My Website?</a> </li> <li class="450"> <a href="/en/help/450-is-it-ok-to-include-the-same-privacy-policy-in-other-sites-and-apps">Is it ok to include the same privacy policy in other sites and apps?</a> </li> <li class="15546"> <a href="/en/help/15546-how-to-start-the-iubenda-initializer-asynchronously">How to start the iubenda initializer asynchronously</a> </li> <li class="separator 30085"> </li> <li class="category-title 30086"> <strong>Changelog</strong> </li> <li class="30061"> <a href="/en/help/30061-pcp-legal-changelog">Legal Changelog</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 5225"> Privacy Controls and Cookie Solution <ul> <li class="has_child category-title 17486"> Introduction <ul> <li class="1177"> <a href="/en/help/1177-cookie-solution-getting-started">Introduction and Getting Started</a> </li> <li class="262"> <a href="/en/help/262-how-to-identify-the-cookies-your-site-installs-in-browsers">How to Identify the Cookies Your Site Installs in Browsers</a> </li> </ul> </li> <li class="has_child category-title 17482"> Cookie Banner Setup and Customization <ul> <li class="3831"> <a href="/en/help/3831-customize-cookie-banner">How to Customize the Look and Behavior of the Cookie Banner (Beginner’s Guide)</a> </li> <li class="1175"> <a href="/en/help/1175-generate-cookie-policy">How to Generate a Cookie Policy for the Cookie Banner</a> </li> <li class="1205"> <a href="/en/help/1205-how-to-configure-your-cookie-solution-advanced-guide">How to Configure Your Privacy Controls and Cookie Solution (Advanced Guide)</a> </li> <li class="separator 17615"> </li> <li class="category-title 17614"> <strong>Advertising Tracking Preferences</strong> </li> <li class="7440"> <a href="/en/help/7440-the-complete-guide-to-iubenda-cmp-and-iab-tcf-2-2">The complete guide to IAB GDPR Framework and iubenda’s Consent Management Platform</a> </li> <li class="16041"> <a href="/en/help/16041-google-tcf-consent-personalized-ads">Google and TCF 2.0: how to collect consent for personalized ads</a> </li> <li class="23271"> <a href="/en/help/23271-tcf-2-0-transition-guide">TCF 2.0 Transition Guide</a> </li> <li class="separator 17494"> </li> <li class="category-title 17488"> <strong>Languages</strong> </li> <li class="1180"> <a href="/en/help/1180-cookie-policy-and-cookie-solution-for-multilingual-websites">Cookie Policy and Privacy Controls and Cookie Solution for Multilingual Websites</a> </li> <li class="1209"> <a href="/en/help/1209-how-to-use-the-cookie-solution-in-a-multilingual-wordpress-site">How to Use the Privacy Controls and Cookie Solution in a Multilingual WordPress Site</a> </li> </ul> </li> <li class="has_child category-title 21259"> For US <ul> <li class="21165"> <a href="/en/help/21165-how-to-comply-with-us-state-privacy-laws-using-iubenda">How to comply with US state privacy laws using iubenda</a> </li> </ul> </li> <li class="has_child category-title 5226"> Installation and Prior Blocking Implementation <ul> <li class="36226"> <a href="/en/help/36226-cookie-solution-custom-website-installation-guide">Custom Website</a> </li> <li class="separator 36291"> </li> <li class="category-title 36292"> <strong>Plugins and integrations</strong> </li> <li class="56404"> <a href="/en/help/56404-how-to-add-a-cookie-solution-to-bigcommerce">BigCommerce</a> </li> <li class="56370"> <a href="/en/help/56370-how-to-add-a-cookie-solution-to-ghost">Ghost</a> </li> <li class="148057"> <a href="/en/help/148057-hubspot-cookie-banner-how-to-add-a-cookie-banner-on-hubspot-with-iubenda">HubSpot</a> </li> <li class="10777"> <a href="/en/help/10777-cookie-solution-jimdo-integration-guide">Jimdo</a> </li> <li class="1323"> <a href="/en/help/1323-cookie-solution-joomla-plugin-installation-guide">Joomla! Extension</a> </li> <li class="9591"> <a href="/en/help/9591-cookie-solution-magento-extension-installation-guide">Magento Extension</a> </li> <li class="4338"> <a href="/en/help/4338-cookie-solution-prestashop-plugin-installation-guide">PrestaShop Plugin</a> </li> <li class="10811"> <a href="/en/help/10811-cookie-solution-shopify">Shopify</a> </li> <li class="12848"> <a href="/en/help/12848-cookie-solution-squarespace-integration-guide">Squarespace</a> </li> <li class="26363"> <a href="/en/help/26363-cookie-solution-ucraft">Ucraft</a> </li> <li class="18531"> <a href="/en/help/18531-cookie-solution-webflow">Webflow</a> </li> <li class="56488"> <a href="/en/help/56488-how-to-add-a-cookie-solution-to-weebly">Weebly</a> </li> <li class="24221"> <a href="/en/help/24221-cookie-banner-wix">Wix</a> </li> <li class="1215"> <a href="/en/help/1215-cookie-solution-wordpress-plugin-installation-guide">WordPress Plugin</a> </li> <li class="separator 5374"> </li> <li class="category-title 5358"> <strong>Prior Blocking Implementation</strong> </li> <li class="3081"> <a href="/en/help/3081-prior-blocking-of-cookie-scripts">Introduction to the Prior Blocking of Cookie Scripts</a> </li> <li class="1229"> <a href="/en/help/1229-manual-tagging-blocking-cookies">Manual Tagging (with Practical Examples)</a> </li> <li class="133036"> <a href="/en/help/133036-prior-blocking-of-cookies-automatic-blocking-auto-blocking">Automatic Blocking (auto-blocking)</a> </li> <li class="1235"> <a href="/en/help/1235-google-tag-manager-blocking-cookies">Google Tag Manager</a> </li> <li class="74198"> <a href="/en/help/74198-google-consent-mode-set-up-google-tag-manager-with-iubenda">Google Consent Mode: Set up Google Tag Manager with iubenda</a> </li> <li class="27137"> <a href="/en/help/27137-google-consent-mode">Google Consent Mode</a> </li> <li class="1182"> <a href="/en/help/1182-google-adsense-ad-manager-blocking-cookies">Google AdSense and Ad Manager</a> </li> <li class="1976"> <a href="/en/help/1976-php-class-blocking-cookies">PHP Class</a> </li> <li class="22135"> <a href="/en/help/22135-cookie-solution-amp-wordpress">How to integrate iubenda Privacy Controls and Cookie Solution with Google AMP (WordPress method included)</a> </li> <li class="separator 19644"> </li> <li class="category-title 17483"> <strong>Advanced</strong> </li> <li class="18678"> <a href="/en/help/18678-cookie-solution-consents-migration">How to migrate consents from a previous provider to the Privacy Controls and Cookie Solution</a> </li> <li class="46731"> <a href="/en/help/46731-how-to-retrieve-proof-of-a-cookie-preferences-for-specific-users">How to retrieve proof of cookie preferences</a> </li> <li class="3834"> <a href="/en/help/3834-cache-and-optimisation-of-the-iubenda-cookie-solution">Cache, Speed and Other Optimization of the iubenda Privacy Controls and Cookie Solution</a> </li> <li class="23633"> <a href="/en/help/23633-how-to-invoke-cookie-solution-api-methods-from-an-iframe">How to invoke Privacy Controls and Cookie Solution API methods from an iframe</a> </li> <li class="12503"> <a href="https://www.iubenda.com/en/help/12260">How to Configure your Content Security Policy for iubenda</a> </li> <li class="separator 17492"> </li> <li class="category-title 17490"> <strong>Stats</strong> </li> <li class="2426"> <a href="/en/help/2426-cookie-solution-analytics-and-stats">Analytics and Stats</a> </li> </ul> </li> <li class="has_child category-title 146392"> <strong>For Mobile</strong> <ul> <li class="19678"> <a href="/en/help/19678-cs-for-mobile-developers-guide">Privacy Controls and Cookie Solution for mobile | Developer’s Guide</a> </li> <li class="145991"> <a href="/en/help/145991-iubenda-sdk-integration-with-google-consent-mode-v2-for-firebase-analytics">iubenda mobile SDK – Integration with Google Consent Mode V2 for Firebase Analytics</a> </li> </ul> </li> <li class="has_child category-title 5357"> Troubleshooting and FAQs <ul> <li class="3062"> <a href="/en/help/3062-how-are-calculated-the-pageviews-of-the-cookie-solution">How Are the Privacy Controls and Cookie Solution Pageviews Calculated?</a> </li> <li class="3812"> <a href="/en/help/3812-where-can-i-find-my-cookie-policy-and-site-ids">Where Can I Find My Cookie Policy and Site Ids?</a> </li> <li class="2690"> <a href="/en/help/2690-can-i-integrate-the-cookie-policy-within-my-website-using-the-direct-text-embedding-and-api">Can I Integrate the Cookie Policy Within My Website Using the Direct Text Embedding and API?</a> </li> <li class="3182"> <a href="/en/help/3182-cookie-consent-amp-pages">How do I collect cookie consent on AMP pages?</a> </li> <li class="105616"> <a href="/en/help/105616-how-to-solve-common-cookie-solution-issues-with-cache-plugins-and-optimization-features">How to solve common Privacy Controls and Cookie Solution issues with cache plugins and optimization features</a> </li> <li class="151085"> <a href="/en/help/151085-why-is-data-decreasing-after-installing-google-consent-mode-v2">Why Is Data Decreasing After Installing Google Consent Mode v2?</a> </li> <li class="166100"> <a href="/en/help/166100-how-to-hide-the-iubenda-banner-on-specific-pages">How to Hide the iubenda Banner on Specific Pages</a> </li> <li class="separator 17493"> </li> <li class="category-title 17491"> <strong>Channels and Changelog</strong> </li> <li class="2158"> <a href="/en/help/2158-cookie-solution-release-channels">Delivery Channels</a> </li> <li class="1970"> <a href="/en/help/1970-cookie-solution-changelog">Changelog</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 17474"> Terms and Conditions Generator <ul> <li class="2859"> <a href="/en/help/2859-terms-and-conditions-when-are-they-needed">What Are the Terms and Conditions and When Are They Needed?</a> </li> <li class="19482"> <a href="/en/help/19482-what-should-basic-terms-and-conditions-include">What Should Basic Terms and Conditions Include?</a> </li> <li class="20504"> <a href="/en/help/20504-can-i-use-a-terms-and-conditions-template">Can I use a Terms and Conditions template?</a> </li> <li class="has_child category-title 19560"> Creating Your Document <ul> <li class="19461"> <a href="/en/help/19461-how-to-generate-terms-and-conditions">How to Generate Terms and Conditions</a> </li> <li class="19668"> <a href="/en/help/3486">The Owner Field Within the Generator</a> </li> <li class="19667"> <a href="/en/help/137">How to Add Another Language to Your Documents</a> </li> </ul> </li> <li class="has_child category-title 19561"> Editing/Updating Your Document <ul> <li class="19356"> <a href="/en/help/19356-edit-terms-and-conditions">How to Edit your Terms and Conditions</a> </li> <li class="19340"> <a href="/en/help/19340-delete-terms-and-conditions">How to Delete your Terms and Conditions</a> </li> <li class="separator 19570"> </li> <li class="category-title 19571"> <strong>Advanced options</strong> </li> <li class="19673"> <a href="/en/help/4158">How to Force Update & Change the "Last updated" Date Information</a> </li> <li class="19674"> <a href="/en/help/4825">Customize the way your website or app is referred to in your documents</a> </li> </ul> </li> <li class="has_child category-title 19562"> Embedding Your Document <ul> <li class="category-title 47874"> <strong>General</strong> </li> <li class="19253"> <a href="/en/help/19253-integrate-terms-and-conditions-on-your-site-and-app">How to Integrate iubenda’s Terms and Conditions on your Site and App</a> </li> <li class="19675"> <a href="/en/help/337">Make Your Legal Documents Available for Offline Viewing</a> </li> <li class="separator 47876"> </li> <li class="category-title 47875"> <strong>Popular Platforms</strong> </li> <li class="52091"> <a href="/en/help/52091-how-to-add-terms-and-condition-on-amazon">Amazon</a> </li> <li class="49324"> <a href="/en/help/49324-how-to-add-terms-and-conditions-on-bigcommerce">Bigcommerce</a> </li> <li class="51396"> <a href="/en/help/51396-how-to-add-terms-and-conditions-on-ghost">Ghost</a> </li> <li class="50402"> <a href="/en/help/50402-how-to-add-terms-and-conditions-on-hubspot">HubSpot</a> </li> <li class="51558"> <a href="/en/help/51558-how-to-add-terms-and-conditions-on-jimdo">Jimdo</a> </li> <li class="49571"> <a href="/en/help/49571-how-to-add-terms-and-conditions-on-joomla">Joomla!</a> </li> <li class="51470"> <a href="/en/help/51470-how-to-add-terms-and-conditions-on-magento">Magento</a> </li> <li class="49740"> <a href="/en/help/49740-how-to-add-terms-and-conditions-to-prestashop">PrestaShop</a> </li> <li class="49143"> <a href="/en/help/49143-how-to-add-terms-and-conditions-on-squarespace">Squarespace</a> </li> <li class="52812"> <a href="/en/help/52812-how-to-add-terms-and-conditions-on-shopify">Shopify</a> </li> <li class="50101"> <a href="/en/help/50101-how-to-add-terms-and-conditions-on-ucraft">Ucraft</a> </li> <li class="48828"> <a href="/en/help/48828-how-to-add-terms-and-conditions-on-webflow">Webflow</a> </li> <li class="50267"> <a href="/en/help/50267-how-to-add-terms-and-conditions-on-weebly">Weebly</a> </li> <li class="47938"> <a href="/en/help/47938-how-to-add-terms-and-conditions-to-wix">Wix</a> </li> <li class="45671"> <a href="/en/help/45671-how-to-add-terms-and-conditions-on-woocommerce-stores">WooCommerce</a> </li> <li class="47465"> <a href="/en/help/47465-how-to-add-terms-and-conditions-on-wordpress">WordPress</a> </li> <li class="46214"> <a href="/en/help/46214-how-to-add-terms-and-conditions-on-wordpress-com">WordPress.com</a> </li> <li class="separator 19581"> </li> <li class="category-title 19580"> <strong>Advanced</strong> </li> <li class="19579"> <a href="/en/help/12260">How to Configure your Content Security Policy for iubenda</a> </li> </ul> </li> <li class="has_child category-title 19563"> Troubleshooting and FAQs <ul> <li class="19676"> <a href="/en/help/407">Can I Copy and Paste the Text of the Legal Documents into My Website?</a> </li> <li class="separator 68080"> </li> <li class="category-title 68081"> <strong>Changelog</strong> </li> <li class="64425"> <a href="/en/help/64425-terms-and-conditions-generator-legal-changelog">Legal Changelog</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 6557"> Consent Database <ul> <li class="has_child category-title 17471"> Getting Started <ul> <li class="6469"> <a href="/en/help/6469-consent-solution-getting-started">Introduction and Methods</a> </li> <li class="7379"> <a href="/en/help/7379-how-to-sync-your-iubenda-legal-documents-with-the-consent-solution">How to Sync Your Legal Documents</a> </li> </ul> </li> <li class="has_child category-title 17472"> Implementation <ul> <li class="6473"> <a href="/en/help/6473-consent-solution-js-documentation">JavaScript</a> </li> <li class="6484"> <a href="/en/help/6484-consent-solution-http-api-documentation">HTTP API</a> </li> <li class="129285"> <a href="/en/help/129285-consent-database-integration-guide-all-major-platforms">Simple integration guide</a> </li> <li class="separator 18931"> </li> <li class="category-title 18930"> <strong>Popular Platforms</strong> </li> <li class="56957"> <a href="/en/help/56957-consent-solution-for-hubspot">HubSpot</a> </li> <li class="18710"> <a href="/en/help/18710-consent-solution-joomla-chronoforms">Joomla!</a> </li> <li class="67783"> <a href="/en/help/67783-make-integromat-consent-solution-integration">Make (Integromat)</a> </li> <li class="74560"> <a href="/en/help/74560-consent-solution-for-prestashop">Prestashop</a> </li> <li class="57099"> <a href="/en/help/57099-how-to-add-consent-solution-on-shopify">Shopify</a> </li> <li class="66387"> <a href="/en/help/66387-consent-solution-for-squarespace">Squarespace</a> </li> <li class="59704"> <a href="/en/help/59704-consent-solution-for-webflow">Webflow</a> </li> <li class="56770"> <a href="/en/help/56770-consent-solution-for-wix">Wix</a> </li> <li class="66023"> <a href="/en/help/66023-zapier-consent-solution-integration">Zapier</a> </li> <li class="separator 66377"> </li> <li class="category-title 66378"> <strong>WordPress</strong> </li> <li class="21330"> <a href="/en/help/21330-consent-solution-wordpress-plugin-installation-guide">WordPress (plugin)</a> </li> <li class="13083"> <a href="/en/help/13083-consent-solution-wordpress-contact-form-7">WordPress (JavaScript method)</a> </li> <li class="62292"> <a href="/en/help/62292-consent-solution-for-elementor">Elementor (WordPress website builder)</a> </li> <li class="61862"> <a href="/en/help/61862-consent-solution-for-gravity-forms">Gravity Forms (WordPress form plugin)</a> </li> <li class="separator 19582"> </li> <li class="category-title 17473"> <strong>Advanced</strong> </li> <li class="12502"> <a href="https://www.iubenda.com/en/help/12260">How to Configure your Content Security Policy for iubenda</a> </li> </ul> </li> <li class="has_child category-title 18268"> Troubleshooting and FAQs <ul> <li class="18199"> <a href="/en/help/18199-consent-solution-delivery-channels">Delivery Channels</a> </li> <li class="18024"> <a href="/en/help/18024-consent-solution-changelog">Changelog</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 141348"> Whistleblowing Management Tool <ul> <li class="141269"> <a href="/en/help/141269-eu-whistleblower-directive-guide-iubenda-tool">iubenda’s Guide to the EU Whistleblower Directive and Our Dedicated Tool</a> </li> </ul> </li> <li class="has_child category-title 6558"> Register of Data Processing Activities <ul> <li class="6311"> <a href="/en/help/6311-internal-privacy-management-getting-started">Guide to the Register of Data Processing Activities</a> </li> </ul> </li> <li class="has_child category-title 5238"> Resources <ul> <li class="13053"> <a href="/en/help/13053-iubenda-webinars">Webinars</a> </li> <li class="has_child category-title 25910"> Videos <ul> <li class="336"> <a href="/en/help/336-videos">All Video Guides</a> </li> <li class="separator 18397"> </li> <li class="category-title 18393"> <strong>Privacy and Cookie Policy Generator</strong> </li> <li class="34840"> <a href="/en/help/34840-privacy-and-cookie-policy-generator-overview-video">Overview</a> </li> <li class="327"> <a href="/en/help/327-intro-privacy-cookie-policy-generator-video">Introduction to the Generator</a> </li> <li class="310"> <a href="/en/help/310-add-services-privacy-policy-video">Adding services/clauses to your policy</a> </li> <li class="35004"> <a href="/en/help/35004-owner-info-privacy-policy-video">Filling in the owner info</a> </li> <li class="312"> <a href="/en/help/312-manage-languages-privacy-policy-video">Managing languages</a> </li> <li class="319"> <a href="/en/help/319-edit-privacy-policy-video">Editing your policy</a> </li> <li class="31830"> <a href="/en/help/31830-remove-iubenda-branding-video">Removing iubenda branding</a> </li> <li class="317"> <a href="/en/help/317-add-privacy-policy-to-your-site-video">Embedding your policy</a> </li> <li class="31834"> <a href="/en/help/31834-integrate-iubenda-wordpress-video">Integrating iubenda with WordPress</a> </li> <li class="separator 18398"> </li> <li class="category-title 18394"> <strong>Privacy Controls and Cookie Solution</strong> </li> <li class="31759"> <a href="/en/help/31759-cookie-solution-intro-video">Introduction to the Privacy Controls and Cookie Solution</a> </li> <li class="18387"> <a href="/en/help/18387-customize-cookie-banner-basic-video">How to customize the cookie banner (basic options)</a> </li> <li class="31752"> <a href="/en/help/31752-customize-cookie-banner-advanced-video">How to customize the cookie banner (advanced options)</a> </li> <li class="39065"> <a href="/en/help/39065-tcf-video">Transparency and Consent Framework (TCF)</a> </li> <li class="separator 33820"> </li> <li class="category-title 33821"> <strong>Terms and Conditions Generator</strong> </li> <li class="33817"> <a href="/en/help/33817-terms-and-conditions-generator-overview-video">Overview</a> </li> <li class="separator 18399"> </li> <li class="category-title 18395"> <strong>Consent Database</strong> </li> <li class="6827"> <a href="/en/help/6827-consent-solution-intro-video">Introduction to the Consent Database</a> </li> <li class="34721"> <a href="/en/help/34721-consent-solution-manual-implementation-javascript-video">Consent Database manual implementation (JavaScript)</a> </li> <li class="18353"> <a href="/en/help/18353-consent-solution-dashboard-video">Consent dashboard in action</a> </li> <li class="separator 18400"> </li> <li class="category-title 18396"> <strong>Register of Data Processing Activities</strong> </li> <li class="6667"> <a href="/en/help/6667-internal-privacy-management-video">How to use the IPM tool</a> </li> </ul> </li> <li class="has_child category-title 7679"> Templates <ul> <li class="category-title 25913"> <strong>GDPR</strong> </li> <li class="7687"> <a href="/en/help/7687-eu-representative-appointment-template">EU Representative Appointment</a> </li> <li class="7680"> <a href="/en/help/7680-data-processing-agreement-template-gdpr">Data Processing Agreement</a> </li> <li class="7689"> <a href="/en/help/7689-non-disclosure-and-confidentiality-obligation-for-employees">Non-Disclosure and Confidentiality Obligation for Employees</a> </li> <li class="7910"> <a href="/en/help/7910-data-protection-impact-assessment-dpia-template">Data Protection Impact Assessment (DPIA)</a> </li> <li class="separator 25914"> </li> <li class="category-title 22097"> <strong>CPRA & CCPA</strong> </li> <li class="22090"> <a href="/en/help/22090-us-data-processing-addendum-template">Service Provider Addendum</a> </li> </ul> </li> <li class="has_child category-title 25916"> Cheat Sheets, Checklists and Tests <ul> <li class="22835"> <a href="/en/help/22835-gdpr-compliance-checklist">GDPR cheat sheet</a> </li> <li class="23672"> <a href="/en/help/23672-gdpr-cookie-consent-cheatsheet">GDPR Cookie Consent Cheatsheet</a> </li> <li class="65132"> <a href="/en/help/65132-us-privacy-legislations-overview">US privacy legislations Cheatsheet</a> </li> <li class="39705"> <a href="/en/help/39705-global-email-marketing-cheatsheet">Global Email Marketing Cheatsheet</a> </li> <li class="22226"> <a href="/en/help/22226-ccpa-compliance-checklist">CCPA compliance checklist</a> </li> <li class="25920"> <a href="https://iubenda.typeform.com/to/cDGLymwf">CPRA quiz</a> </li> <li class="64214"> <a href="https://www.iubenda.com/en/help/5463-how-to-comply-with-the-gdpr-cookie-law-caloppa-and-ccpa#quiz">Compliance self-assessment test</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 5228"> Account and Billing <ul> <li class="6633"> <a href="/en/help/6633-pricing-faqs">Pricing FAQs</a> </li> <li class="4014"> <a href="/en/help/4014-delete-account">How to Delete Your Account</a> </li> <li class="167417"> <a href="/en/help/167417-iubenda-multi-user-accounts-feature-overview">iubenda Multi-User Accounts Feature Overview</a> </li> <li class="has_child category-title 5353"> Plans and Licenses <ul> <li class="379"> <a href="/en/help/379-basic-license-limits">Limits of the Free Plan</a> </li> <li class="163856"> <a href="/en/help/163856-how-to-renew-or-upgrade-your-iubenda-plan">How to Renew or Upgrade Your iubenda Plan</a> </li> <li class="162983"> <a href="/en/help/162983-how-to-manage-your-licenses-all-legacy-guides">How to Manage Your Licenses [All Legacy Guides]</a> </li> <li class="155774"> <a href="/en/help/155774-how-to-delete-a-site">How to Delete a Site</a> </li> </ul> </li> <li class="has_child category-title 5354"> Payment <ul> <li class="543"> <a href="/en/help/543-why-is-my-paypal-payment-failing">Why Is My Payment Failing?</a> </li> <li class="440"> <a href="/en/help/440-how-to-disable-auto-renewal">How to Disable Auto-Renewal</a> </li> <li class="62707"> <a href="/en/help/62707-can-i-pay-by-bank-transfer">Can I Pay by Bank Transfer?</a> </li> <li class="62688"> <a href="/en/help/62688-how-to-add-change-your-current-payment-method">How to Update your Payment Method</a> </li> <li class="3848"> <a href="/en/help/3848-recurring-basis">Why the iubenda Service Is On a Recurring Basis</a> </li> </ul> </li> <li class="has_child category-title 5355"> Invoices <ul> <li class="2800"> <a href="/en/help/2800-invoices">Where Can I Find My Invoices?</a> </li> <li class="517"> <a href="/en/help/517-update-invoicing-information">How to Update Your Invoicing Information</a> </li> <li class="11223"> <a href="/en/help/11223-invoices-different-email">How to Receive Invoices on a Different Email Address</a> </li> </ul> </li> </ul> </li> <li class="has_child category-title 17381"> Partners and Affiliates <ul> <li class="128"> <a href="/en/help/128-affiliate-referral">How to Set up a Basic Affiliate/Referral Program Partnership with iubenda</a> </li> <li class="30386"> <a href="/en/help/30386-how-to-resell-iubenda-to-your-clients">How to resell iubenda’s solutions to your clients</a> </li> <li class="22206"> <a href="https://www.iubenda.com/en/help/15138-partner-directory">Need help getting set up? View our directory of certified partners</a> </li> </ul> </li> <li class="has_child category-title 17445"> About iubenda <ul> <li class="6758"> <a href="/en/help/6758-data-processing-agreement-between-iubenda-and-its-users">Data Processing Agreement iubenda <> users</a> </li> <li class="1931"> <a href="/en/help/1931-what-iubenda-tracks-and-what-it-doesnt-track">What iubenda Does and Does Not Track</a> </li> <li class="5699"> <a href="/en/help/5699-5-reasons-why-we-host-your-documents">5 Reasons Why We Host Your Documents</a> </li> </ul> </li> </ul> </nav> </div> <div class="toc-wrap sticky-top"> <nav id="toc" data-toggle="toc"></nav> <div class="mb-4 text-sm text-uppercase font-weight-bold text-muted toc-label">Table of Contents</div> </div> </div> <!-- /.doc_aside --> <div class="col-lg-9 help-tpl__main"> <div class="mb-4 d-block d-lg-none"> <button class="btn btn-sm btn-outline-light px-4 btn-aside help-tpl__show-index-btn">Show index</button> </div> <h1 class="help-tpl__main-title mb-5 display-4 font-weight-semibold"data-swiftype-name="title" data-swiftype-type="string">What is the GDPR? The Ultimate Guide to GDPR Compliance</h1> <div class="entry_content entry_body_content doc_body" data-swiftype-name="body" data-swiftype-type="text" data-toc-scope > <p>The <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">General Data Protection Regulation</span></span> (GDPR) <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">became fully enforceable on May 25th, 2018.</span></span> In this comprehensive guide on GDPR compliance, we explain the main requirements of the EU Regulation, how to comply, what are users’ rights, and much more.</p> <div class="my-4 rounded p-3 bg-fade"> <p>In this post, we explain:</p> <ul class="wp-block-list"> <li><a href="#what-does-gdpr-stand-for">What does GDPR stand for</a></li> <li><a href="#what-is-gdpr">What is GDPR</a></li> <li><a href="#who">Who does the GDPR apply to</a></li> <li><a href="#gdprApplies">Where does it apply</a></li> <li><a href="#gdpr-not-applicable">When it does not apply</a></li> <li><a href="#main-requirements">Main requirements for GDPR compliance</a> <ul class="wp-block-list"> <li><a href="#legal-basis">Legal basis for processing data</a></li> <li><a href="#consent">Consent</a> <ul class="wp-block-list"> <li><a href="#records-of-consent">Records of consent</a></li> <li><a href="#cookies-and-gdpr">Cookies and the GDPR</a></li> </ul> </li> <li><a href="#userrights">Users’ rights</a></li> <li><a href="#crossborder">Cross-border data transfers</a></li> <li><a href="#privacy-by-design-default">Privacy by design & default</a></li> <li><a href="#breach-notification">Breach notification</a></li> <li><a href="#dpo">Data Protection Officers</a></li> <li><a href="#recordsProcessing">Records of processing activities</a></li> <li><a href="#dpia">Data Protection Impact Assessment (DPIA)</a></li> </ul> </li> <li><a href="#gdpr-fines">GDPR fines: Consequences of non-compliance</a></li> <li><a href="#faqs">GDPR compliance FAQs</a> <ul class="wp-block-list"> <li><a href="#gdpr-simple-meaning">What does GDPR mean in simple terms?</a></li> <li><a href="#7-gdpr-principles">What are the 7 principles of GDPR?</a></li> <li><a href="#what-is-gdpr-compliance">What is a GDPR compliance?</a></li> <li><a href="#usa">Is GDPR compliance mandatory in USA?</a></li> </ul> </li> <li><a href="#gdpr-overview">GDPR overview</a></li> <li><a href="#how-to-comply">How to comply with GDPR</a></li> <li><strong><a href="#iubenda">Simplify your GDPR compliance with iubenda</a></strong></li> </ul> </div> <div id="definitions" class="pt-2"> <div class="card my-4 px-3 pb-1" style="font-size: 88%;"> <h5 class="mt-4 mb-3"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Before getting started: Special definitions used in this GDPR compliance guide</span></span></h5> <ul class="spacing-2"> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The term ” </span></span><strong><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">user</span></span></em></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> ” here means an individual whose personal data is processed by a controller or processor (also known as the </span></span><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">data subject</span></span></em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> ).</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The term ” </span></span><strong><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">data controller</span></span></em></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> ” means any person or legal entity involved in determining the purpose and ways of processing the personal data.</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The term ” </span></span><strong><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">data processor</span></span></em></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> ” means any person or legal entity involved in processing personal data on behalf of the controller.</span></span></li> </ul> <p><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">For example, an internet company may collect user information via their website and store it using a 3rd party cloud service. </span><span style="vertical-align: inherit;">In this scenario, the internet company is the data controller and the organization running the cloud service is the data processor.</span></span></em></p> </div> </div> <div data-toc-activator=""> </div> <h2 class="wp-block-heading" id="what-does-gdpr-stand-for"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">What does GDPR stand for</span></span></h2> <p><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">GDPR stands for General Data Protection Regulation</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> (Regulation (EU) 2016/679) and at its most basic, it specifies </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">how personal data should be lawfully processed (including how it’s collected, used, protected or interacted with</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> in general).</span></span> <strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The EU GDPR became fully enforceable on May 25th, 2018</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">.</span></span></p> <h2 class="wp-block-heading" id="what-is-gpdr">What is GDPR</h2> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">This regulation is intended to strengthen data protection for </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">all people whose personal information fall within its scope of application</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">, putting personal data control back into their hands.</span></span></p> <div class="my-4 rounded p-3 bg-note"> <h4 class="mt-3">🔎 Personal data explained</h4> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Personal data within the context of the GDPR text refers to <strong>any data that relates to an identified or identifiable living person</strong>. This includes pieces of information that, when collected together, can lead to the identification of a person.</span></span></p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">This applies even to data that has been pseudonymized or encrypted as long as the encryption/anonymization is reversible. In terms of meeting data protection obligations under the regulation, it means that decryption keys will need to be kept separately from the pseudonymized data</span></span>.</p> <p><strong>Examples of personal data include:</strong></p> <ul class="wp-block-list"> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">basic identity data such as names, health, genetic & biometric data;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">web data such as IP addresses, personal email addresses, political opinions;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">sexual orientation data.</span></span></li> </ul> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><strong>Examples of non-personal data include:</strong></span></span></p> <ul class="wp-block-list"> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">company registration numbers;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">generic company email addresses such as </span></span><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">info@company.com</span></span></em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">anonymized data.</span></span></li> </ul> </div> <h2 class="wp-block-heading" id="who">Who does the GDPR apply to</h2> <p>The GDPR can apply to:</p> <ul class="wp-block-list"> <li>An <strong>entity that bases its operations in the EU</strong> (whether the processing takes place in the EU or not).</li> <li>An <strong>entity that is not established in the EU, but offers goods or services</strong> (even for free) <strong>to people in the EU</strong>. The entity can be government agencies, private/public companies, individuals, and non-profits.</li> <li>An <strong>entity that is not established in the EU but monitors the behavior of people who are in the EU</strong>, provided that such behavior takes place in the EU.</li> </ul> <h2 class="wp-block-heading" id="gdprApplies"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Where does it apply</span></span></h2> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">This scope effectively covers almost all companies and, therefore, means that <strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">the GDPR can apply to you whether your organization is based in the EU or not</span></span></strong></span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">. </span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">As a matter of fact, this </span></span><a href="https://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/pwc-gdpr-series-pulse-survey.pdf" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">PwC survey</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> showed that GDPR compliance is a top data protection priority for up to 92% of US companies surveyed.</span></span></p> <p class="lead text-primary txt-highlight">The GDPR can apply to you whether your organization is based in the EU or not</p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">A common misconception is that only EU users are covered by the protections of the GDPR. However, </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">the protections of the GDPR also extend to users outside the EU if the data controller is EU-based</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">. Therefore, if you are an EU-based data controller, the GDPR requirements apply to you and you must, by default, apply GDPR standards to ALL your users.</span></span></p> <h2 class="wp-block-heading" id="gdpr-not-applicable"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">When does it not apply</span></span></h2> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The conditions of applicability of the GDPR are set in GDPR text Articles 2 & 3 from a material and a territorial point of view. To determine, whether a specific processing activity is exempt from its applicability, we have to consider both aspects.</span></span></p> <h3 class="wp-block-heading" id="material-point-of-view">GDPR compliance: <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Material point of view</span></span></h3> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The EU GDPR applies to the processing of personal data. Therefore, it does not apply to company data, such as a company name and address. Be careful here, however, because normally “natural persons” work in a company, any data referring to them would, therefore, be deemed “personal”, regardless of whether they are processed in a Business to Customer (B2C) or Business to Business (B2B) context.</span></span></p> <div class="my-4 rounded px-3 pt-3 pb-1 bg-fade"> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Furthermore, personal data would </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">not</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> fall under the scope of applicability of the GDPR whenever:</span></span></p> <ul> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">they are processed by Member States in the context of the EU’s common foreign and security policy;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">they are processed by competent authorities for purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">they are processed by EU institutions, bodies, offices and agencies;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">they are processed </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">by a natural person in the course of a purely personal or household activity</span></span></strong> (e.g. if you collect your friends’ personal data for your own personal phone book)<span style="vertical-align: inherit;"><span style="vertical-align: inherit;">.</span></span></li> </ul> </div> <h3 class="wp-block-heading" id="territorial-point-of-view">GDPR compliance: <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Territorial point of view</span></span></h3> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">We’ve already mentioned under </span></span><a href="#gdprApplies"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">which conditions</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> the GDPR applies from a territorial point of view.</span></span></p> <div class="my-4 rounded px-3 pt-3 pb-1 bg-fade"> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Consequently, for a processing activity </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">not</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> to be subjected to the GDPR, the following must apply cumulatively:</span></span></p> <ul> <li><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">the controller (or processor) is not based within the EU</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">. </span><span style="vertical-align: inherit;">Always bear in mind that the controller (or processor) could also be a EU-branch office of a non-EU corporation: in that case, even if the branch office were to have no legal personality, the GDPR would fully apply;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">the </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">processing does not relate</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> to the </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">offering of goods or services</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> (even for free) to data subjects in the Union or the </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">monitoring of their behavior</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> as far as it takes place within the Union;</span></span></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">the controller is not based in an extra-EU place, where EU law applies due to </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">international public law</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">.</span></span></li> </ul> </div> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">💡</span></span> <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Let’s take a look at some practical examples:</span></span></p> <div class="accordion" id="accordionExample"> <div class="card"> <div class="card-header" id="headingOne"> <h5 class="mb-0"> <button class="btn btn-link pl-0 collapsed" type="button" data-toggle="collapse" data-target="#collapseOne" aria-expanded="false" aria-controls="collapseOne"> US-based company </button> </h5> </div> <div id="collapseOne" class="collapse" aria-labelledby="headingOne" data-parent="#accordionExample"> <div class="card-body"> <p>US-based company, “A”, is selling goods to EU-based consumers (→ GDPR applicable) and hires a US-based company, “B”, for market analytics and statistics purposes. Is company B subject to the GDPR, although it’s neither based in the EU nor does it sell goods or services to EU customers? Probably yes, if the market analytics and statistics activity requires a “monitoring of the behavior” of customers based in the EU.</p> </div> </div> </div> <div class="card"> <div class="card-header" id="headingTwo"> <h5 class="mb-0"> <button class="btn btn-link pl-0 collapsed" type="button" data-toggle="collapse" data-target="#collapseTwo" aria-expanded="false" aria-controls="collapseTwo"> Italian Consulate in New York </button> </h5> </div> <div id="collapseTwo" class="collapse" aria-labelledby="headingTwo" data-parent="#accordionExample"> <div class="card-body"> <p>Do the employees of the Italian Consulate in New York need to comply with the GDPR? Yes, because the GDPR applies to them by virtue of “international public law”.</p> </div> </div> </div> <div class="card"> <div class="card-header" id="headingThree"> <h5 class="mb-0"> <button class="btn btn-link pl-0 collapsed" type="button" data-toggle="collapse" data-target="#collapseThree" aria-expanded="false" aria-controls="collapseThree"> China-based company </button> </h5> </div> <div id="collapseThree" class="collapse" aria-labelledby="headingThree" data-parent="#accordionExample"> <div class="card-body"> <p>Does a China-based company selling goods over a website only drafted in Chinese need to comply with the GDPR just because it’s possible, from a practical point of view, that some EU-based Chinese persons might purchase something from it? In principle, we’d say no, unless it can be proven that the company is doing relevant business with EU-based customers, or is addressing them expressly (for instance, by informing that “delivery to the EU” or “payment from an EU bank account” are possible, etc.)</p> </div> </div> </div> </div> <h2 class="heading-icon heading-icon--compliance" id="main-requirements">Main requirements for GDPR compliance</h2> <p>We have listed below the main requirements that organizations should meet in order to comply with the GDPR. <strong>It’s not an easy task</strong>. That’s why we have crafted GDPR-compliant legal software solutions to help you speed out and simplify the process. <a href="#iubenda">Jump to this section to learn more</a>.</p> <div class="text-center my-5 py-5 hide-from-amp"> <h3 data-toc-skip="">Not sure how to get started with GDPR compliance?</h3> <p class="mt-2 mb-3">Use our site scanner for a FREE website compliance audit </p> <a href="https://www.iubenda.com/en/start-generating?wizard=true" data-has-close-button="true" data-close-on-click="false" class="btn btn-xl btn-primary text-white px-5 py-3 text-lg lightbox"> Scan your website now </a> </div> <h2 class="wp-block-heading">1. Legal basis for processing data</h2> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">According to GDPR compliance, data can only be processed if there’s <strong>at least one legal basis for doing so</strong>.</span></span></p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The legal bases are:</span></span></p> <ul class="wp-block-list"> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The user has given <strong>consent</strong> for one or more specific purposes.</span></span></li> <li>The data processing is <strong>necessary for the performance of a contract</strong> in which the user is a participant or necessary in order to take steps (requested by the user) prior to entering the contract.</li> <li>The processing is <strong>necessary for fulfilling a legal obligation</strong> to which the data controller is subject.</li> <li>The processing is <strong>necessary for protecting the vital interests</strong> of the user or of another person.</li> <li>The processing is <strong>necessary for performing a task carried out in the interest of the public</strong> or as contained under the official authority given to the data controller.</li> <li>The processing is <strong>necessary for the legitimate interests of the data controller or third party</strong>, except where overridden by the interests, rights and freedoms of the user, in particular where the user is a child.</li> </ul> <div class="my-4 rounded px-3 pt-3 pb-1 bg-caution"> <h5 class="my-2">Please note</h5> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Consent is the most common legal basis that an organization can choose to process user data, but it is not the ONLY </span></span>one<span style="vertical-align: inherit;"><span style="vertical-align: inherit;">. Therefore in some cases, companies can apply other legal bases for a data processing activity (however determining whether or not another legal basis may apply to your processing is </span></span><em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">best done with a lawyer</span></span></em><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">). With that said, there will always be data processing activities where consent is the only, best or safest option.</span></span></p> </div> <h2 class="wp-block-heading" id="consent">2. Consent</h2> <p>GDPR requirements dictate that if relying on the legal basis of consent, data controllers must get <strong><em>verifiable</em> consent</strong> from users.</p> <p>In general, when getting consent for data processing, organizations <strong>should not use overly complicated terms</strong>. This includes legalese and unnecessary jargon. This indicates that terms and privacy policies should be laid out legibly (<a href="/privacy-policy/252372" target="_blank" rel="noopener">see ours here</a>) using understandable language and clauses so that users are fully aware of what they’re consenting to and what the consequences of their consent are.</p> <p>Organizations must be transparent on the purpose of the data collection and <strong>consent must be “explicit and freely given”</strong>. This means that the <strong>mechanism for acquiring consent must be unambiguous and involve a clear “opt-in” action</strong> (the regulation specifically forbids pre-ticked boxes and similar “opt-out” mechanisms).</p> <p>The regulation also gives a specific right to withdraw consent; it must, therefore, be <strong>as easy to withdraw consent as it is to give it</strong>.</p> <div class="card my-5"> <div class="d-none d-sm-block" style="width:54px; height: 54px; background: #fff; border-radius: 50%; position: absolute; top: -27px; left: -27px; font-size: 25px; text-align: center; line-height: 54px; border: 1px solid rgba(0,0,0,0.125);">🔎</div> <div class="p-4"> <h5>Consent for children</h5> <hr> <p class="card-text">In regards to Consent for children, organizations are required to get <strong>verifiable consent</strong> from a <strong>parent or guardian</strong> unless the service being offered is a preventative or counseling service. Organizations must make reasonable efforts (using available technology) to verify that the person giving consent actually holds parental responsibility for the child.</p> </div> </div> <h3 class="wp-block-heading" id="records-of-consent">Keep GDPR records of consent</h3> <p>Consent is such an important issue under the GDPR and it’s mandatory that you’re able to demonstrate that the user has given consent; should problems arise, the burden of proof lies with the data controller, so keeping accurate records is vital.</p> <p>To achieve GDPR compliance, your consent <span id="recordsofConsent">records</span> should include:</p> <ul class="wp-block-list"> <li>who provided the consent;</li> <li>when and how consent was acquired from the individual user;</li> <li>the consent collection form they were presented with at the time of the collection;</li> <li>which conditions and legal documents were applicable at the time that the consent was acquired.</li> </ul> <p>💡 Check this out for an <strong>example of compliant record-keeping vs non-compliant record-keeping</strong>:</p> <table class="table table-bordered my-5"> <tbody> <tr class="bg-note"> <th scope="col">Non-compliant Record Keeping</th> <th scope="col">Compliant Record Keeping</th> </tr> <tr> <td scope="row">Simply keeping a spreadsheet with customer names and whether or not consent was provided</td> <td scope="row">Ensuring that you keep a copy of the customer’s dated form which shows the action taken by the customer to provide their consent to the specific processing.</td> </tr> <tr> <td scope="row">Simply keeping the time and date of consent linked to an IP address, with a web link to your current data-capture form and privacy policy.</td> <td scope="row">Keeping comprehensive records that include a user ID and the data submitted together with a timestamp. You also keep a copy of the version of the data-capture form and any other relevant documents in use on that date.</td> </tr> </tbody> </table> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark>Maintaining valid records, while mandatory, can be a technical challenge. Our <strong>Consent Database</strong> simplifies this process, making it easy for you to view, manage and export your recorded consents. You can <a href="https://www.iubenda.com/en/consent-solution" target="_blank" rel="noopener">read more about it here</a>.</mark></span></span></p> <h3 class="wp-block-heading" id="cookies-and-gdpr">Cookies and the GDPR</h3> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Another EU law worth mentioning here is the </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">ePrivacy Directive</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> (also known as the </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Cookie Law</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">). This law still applies as it has not been repealed by the GDPR. In future, the ePrivacy Directive will be replaced by the <a href="https://digital-strategy.ec.europa.eu/en/policies/eprivacy-regulation" target="_blank" rel="noopener">ePrivacy Regulation</a> and as such, </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">will work alongside the GDPR</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">; the upcoming regulation is expected to still uphold the same values as the directive.</span></span></p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The Cookie Law requires users’ informed consent before storing cookies on a user’s device and tracking them.</span></span></p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">💡</span></span> <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Everything you should know in this guide: </span></span><a href="https://www.iubenda.com/en/help/5525-cookies-gdpr-requirements" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Cookies and the GDPR: What’s Really Required?</span></span></a></p> <p>🌏 Want to learn more about which EU cookie consent rules apply on a per-country basis? Check out our <a href="https://www.iubenda.com/en/help/23672-gdpr-cookie-consent-cheatsheet" target="_blank" rel="noopener">Cookie Consent Cheatsheet</a>.</p> <h2 class="wp-block-heading" id="userrights">3. <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Users’ rights</span></span></h2> <p>The GDPR text significantly enhances users’ rights over their personal data within the EU. It empowers individuals with greater control and transparency over their information and providing rights such as access, rectification, erasure, and data portability among others. <em>Let’s take a look at each of them.</em></p> <h3 class="wp-block-heading">📌 <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The right to be informed</span></span></h3> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Organizations must <strong>provide users with </strong></span></span><a href="https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-to-be-informed/" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><strong><span style="vertical-align: inherit;">information</span></strong></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><strong> about the data processing activities they carry out</strong>. Such information should be provided at the time at which personal data is obtained, typically <a href="https://www.iubenda.com/en/help/148990-privacy-statement" target="_blank" rel="noopener">via a privacy notice/policy</a>.</span></span></p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The information must be <strong>concise, transparent, intelligible, easily accessible, written in clear and plain language</strong> (especially if addressed to a child), and free of charge.</span></span></p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-one" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-one" class="collapse"> <p>If the data is collected from the actual user it relates to, then they must be provided with privacy information at the time the data is obtained. However, if the personal data is obtained from a source other than the individual user it relates to, then the user must be provided with privacy information within a “reasonable period” of the data being obtained. This period can be no later than one month in general. If you use the data to communicate with the user, the disclosure must be at latest, when the first communication occurs.</p> </div> </div> <h3 class="wp-block-heading"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">📌</span></span> <span style="vertical-align: inherit;"><span style="vertical-align: inherit;">The right to access</span></span></h3> <p>Users have the right to access the data and <a href="https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/right-of-access/" target="_blank" rel="noopener">information</a> about how their personal data is being processed. <a href="https://www.iubenda.com/en/help/64904-how-to-be-gdpr-compliant" target="_blank" rel="noopener">GDPR compliance</a> dictates that should a user request it, data controllers must provide an <strong>overview of the categories of data being processed, a copy of the actual data, and details about the processing</strong>. The details should include the <strong>purpose, how the data was acquired, and with whom it was shared</strong>.</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-two" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-two" class="collapse"> <p>Also, the organization must provide the person making the request with a copy of their personal data free of charge (a reasonable fee can be charged for further copies). The requested data must be provided to the individual without undue delay and at latest, within one month of receiving the request; the exact number of days the organization has to honor a request depends on the month in which the request was made.</p> </div> </div> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">💡</span></span> The right to access is closely linked to the right to data portability, but these two rights are different. It is therefore important that in your <a href="https://www.iubenda.com/en/help/45520-gdpr-policy-template" target="_blank" rel="noopener">privacy policy</a>, there is a clear distinction between the two.</p> <h3 class="wp-block-heading">📌 The right to rectification</h3> <p>Users have the right to have their personal data <strong>rectified if it is inaccurate or incomplete</strong>. </p> <p>This right also implies that rectification <strong>must be disclosed</strong> to any and all third-party recipients involved in the processing of the data in question – unless doing so is impossible or disproportionately difficult. If requested by the user, the organization must also inform them about these third-party recipients.</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-three" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-three" class="collapse"> <p>Requests can be extended by a further two months if the request is complex or if numerous requests were received from the individual. The individual must be informed within one month of receipt of the request with an explanation as to why the extension is necessary. Requests must be honored without undue delay and at latest, within one month of receiving the request.</p> <p>In most cases, organizations must comply with a request for rectification without charging a fee, however, if a request is found to be “manifestly unfounded or excessive”, a “reasonable fee” can be requested in order to carry out the request or refuse to deal with the request. In both scenarios, the decision will need to be legitimately justified. If a request is refused, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving the request.</p> </div> </div> <h3 class="wp-block-heading">📌 The right to object</h3> <p>Under the GDPR text, users have the right to <strong>object to certain processing activities</strong> in relation to their personal data carried out by the controller.</p> <p>The user has to state a motivation for their objection, unless the processing is carried out for direct marketing purposes, in which case no motivation is needed to exercise this right.</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-four" data-toggle="collapse" aria-expanded="false" data-toc-skip>How to exercise this right</h2> <div id="collapse-four" class="collapse"> <p>In a nutshell, the user can object to the processing of their data whenever the processing is based on the controller’s legitimate interest, or the performance of a task in the public interest/exercise of official authority, or for purposes of scientific/historical research and statistics.</p> </div> </div> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-five" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-five" class="collapse"> <p>In a nutshell, the user can object to the processing of their data whenever the processing is based on the controller’s legitimate interest, or the performance of a task in the public interest/exercise of official authority, or for purposes of scientific/historical research and statistics.</p> <p>If an objection to the processing of personal data is received and there is no grounds to refuse, the processing activity must stop. While the processing activity (including storage) must stop for the particular processing activities objected to, erasure may not be appropriate if the data is processed for other purposes (including the fulfillment of legal or contractual obligation) as the data will need to be retained for those purposes.</p> <p>Requests must be honored without undue delay and at latest, within one month of receiving the request. Requests can be extended by a further two months if the request is complex or if numerous requests were received from the individual. The individual must be informed within one month of receipt of the request with an explanation as to why the extension is necessary.</p> <p>In most cases, organizations must honor an objection (where there are no grounds to refuse) without charging a fee, however, if a request is found to be “manifestly unfounded or excessive”, a “reasonable fee” can be requested in order to carry out the request or the request can be refused. In both scenarios, the decision will need to be legitimately justified. If a request is refused, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving the request.</p> </div> </div> <h3 class="wp-block-heading">📌 The right to data portability</h3> <p>Users have the <strong>right to obtain</strong> (in a machine-readable format) <strong>their personal data for the purpose of transferring it from one controller to another, without being prevented from doing so by the data processor</strong>.</p> <p>This right only applies to personal data and as such does not apply to <strong>genuinely anonymous</strong> data (data that can’t be linked back to the individual).</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-six" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-six" class="collapse"> <p>Requests must be honored without undue delay and at latest, within one month of receiving the request. Requests can be extended by a further two months if the request is complex or if numerous requests were received from the individual. The individual must be informed within one month of receipt of the request with an explanation as to why the extension is necessary.</p> <p>In most cases, organizations must comply with a request without charging a fee, however, if a request is found to be “manifestly unfounded or excessive”, a “reasonable fee” can be requested in order to carry out the request or the request can be refused. In both scenarios, the decision will need to be legitimately justified. If a request is refused, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving the request.</p> </div> </div> <h3 class="wp-block-heading">📌 The right to erasure</h3> <p>When data is <strong>no longer relevant to its original purpose</strong>, or where<strong> users have withdrawn consent</strong>, or where the <strong>personal data have been unlawfully processed</strong>, users have the right to request that their data be erased.</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-seven" data-toggle="collapse" aria-expanded="false" data-toc-skip>Cases when the right can be refused</h2> <div id="collapse-seven" class="collapse"> <p>The right to erasure can be refused: <ul><li>where the personal data is processed for archiving purposes in the public interest (for example, scientific research);</li> <li>where data is necessary for legal defense;</li> <li>to comply with a legal obligation;</li> <li>for the performance of a task carried out in the public interest;</li> <li>in the exercise of official authority vested in the controller;</li> <li>where the data is necessary to exercise the right of freedom of expression;</li> <li>where the data is being processed for health purposes in the public interest.</li></ul> </p> </div> </div> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-eight" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-eight" class="collapse"> <p>The request must be honored without undue delay and at latest, within one month of receiving it.</p> <p>Requests can be extended by a further two months if the request is complex or if numerous requests were received from the individual. The individual must be informed within one month of receipt of the request with an explanation as to why the extension is necessary.</p> </div> </div> <h3 class="wp-block-heading">📌 The right to restrict processing</h3> <p>Users have the right to restrict the processing of their personal data in cases where:</p> <ul class="wp-block-list"> <li>they’ve contested its <strong>accuracy</strong>;</li> <li>the <strong>user has objected to the processing and the organization is considering</strong> whether it has a legitimate ground which overrides this right;</li> <li>the <strong>processing is unlawful</strong> but the user requests restriction instead of erasure;</li> <li>the data is <strong>no longer needed</strong> but the user needs it to establish, exercise or defend a legal claim.</li> </ul> <p>The <strong>restriction must be disclosed to any and all third-party recipients</strong> involved in the processing of the data in question – unless doing so is impossible or disproportionately difficult. If requested by the user, the organization must also inform the user about these third-party recipients.</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-nine" data-toggle="collapse" aria-expanded="false" data-toc-skip>More on how to fulfill the user’s request</h2> <div id="collapse-nine" class="collapse"> <p>Requests must be honored without undue delay and at latest, within one month of receiving the request. Requests can be extended by a further two months if the request is complex or if numerous requests were received from the individual. The individual must be informed within one month of receipt of the request with an explanation as to why the extension is necessary.</p> <p>In most cases, organizations must comply with a request without charging a fee, however, if a request is found to be “manifestly unfounded or excessive”, a “reasonable fee” can be requested in order to carry out the request or the request can be refused. In both scenarios, the decision will need to be legitimately justified. If a request is refused, the individual must be informed (along with the justification) without unnecessary delay and within one month of receiving the request.</p> </div> </div> <h3 class="wp-block-heading">📌 Rights relating to automated decision-making and profiling</h3> <p>Users have the right to not be subjected to a decision when it is based on automated processing or profiling, and it produces a legal or a similarly significant effect on the user.</p> <p>Organizations <strong>can only carry out automated decision-making if it is needed for the performance of a contract; authorized by EU state law applicable to the data controller; does not have a legal or similarly significant effect on the user; or is based on the individual’s explicit consent</strong>. You can only make automated decisions based on <a href="https://www.iubenda.com/en/help/112557-a-closer-look-at-special-categories-of-personal-data" target="_blank" rel="noopener">special category data</a> with the explicit consent of the user or for reasons of substantial public interest.</p> <h2 class="wp-block-heading" id="crossborder">4. Cross-border data transfers</h2> <p>The GDPR allows data transfers of EU resident data outside of the European Economic Area (EEA) <strong>only when in compliance with set conditions</strong>.</p> <p>According to the GDPR text, <strong>the country or region the data is being transferred to must have an “adequate” level of personal data protection by EU standards</strong>, or where not considered adequate, transfers may still be allowed under the use of <a href="https://www.iubenda.com/en/help/107560-standard-contractual-clauses" target="_blank" rel="noopener">standard contractual clauses (SCCs)</a> or binding corporate rules (BCRs).</p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">💡</span></span> Learn more about <a href="https://www.iubenda.com/en/help/65844-eu-us-trans-atlantic-data-privacy-framework" target="_blank" rel="noopener">data transfers between the EU and the US</a>.</mark></span></span></p> <h2 class="wp-block-heading" id="privacy-by-design-default">5. Privacy by design & default</h2> <p>Data protection should be included from the onset of design and development of the business processes and infrastructure. This means that <strong>privacy settings should be set to ‘high’ by default and measures put into place</strong> to make sure that the processing life cycle of the data falls within the GDPR requirements.</p> <h2 class="wp-block-heading" id="breach-notification">6. Breach notification</h2> <p>If the organization is victim of a data breach, the data controller must <a href="https://www.iubenda.com/en/help/44869-gdpr-data-breach-notification" target="_blank" rel="noopener">notify</a> the Supervisory Authority <strong>within 72 hours of becoming aware</strong> of it. If the processing is carried out by a processor on behalf of the controller, the data processor will have to notify the controller immediately after becoming aware of it.</p> <p>Under this rule, <strong>users must also be informed of the breach</strong> (within the same time frame) unless the <a href="https://www.iubenda.com/en/help/44567-what-is-a-data-breach" target="_blank" rel="noopener">data breached</a> was protected by encryption (data rendered unreadable for the intruder), or, in general, the breach is unlikely to result in a risk to individuals’ rights and freedoms.</p> <p>In any case, the data controller should keep records of the breaches occurred in order to be able to demonstrate to the supervising authority compliance with these provisions.</p> <h2 class="wp-block-heading" id="dpo">7. Data Protection Officers</h2> <p>The <a href="https://www.iubenda.com/en/help/104727-what-to-look-for-when-choosing-your-dpo-based-on-gdpr-requirements" target="_blank" rel="noopener">Data Protection Officer (DPO)</a> is a person with expert knowledge of data protection law whose role includes <strong>assisting the controller or processor in monitoring internal compliance with GDPR regulations and overseeing data protection strategy and implementation</strong>. The DPO should also be proficient in IT process management, data security and other critical issues surrounding the processing of personal and sensitive data.</p> <div class="my-4 rounded p-3 bg-fade"> <h4 class="mt-3">When is the appointment of a DPO required by the GDPR?</h4> <p>GDPR compliance requires the <strong>designation of a DPO</strong> specifically <strong>in the following cases</strong>:</p> <ul class="wp-block-list"> <li>Where there is large-scale regular and systematic monitoring of users;</li> <li>Where the processing is carried out by a public authority (except for courts or independent judicial authorities);</li> <li>Where the organization is performing complex operations with user data (in particular sensitive user data).</li> </ul> <p>The appointment of a DPO is therefore not just based on the actual number of employees but on the essence of the data processing activity. <span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark><strong>If your organization falls outside of these categories, then it is not mandatory that you appoint a DPO</strong>.</mark></span></span></p> </div> <h2 class="wp-block-heading" id="recordsProcessing">8. Records of processing activities</h2> <p>The EU GDPR requires that both data controllers and data processors keep and maintain “full and extensive” <strong>up-to-date <a href="https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/accountability-and-governance/documentation/" target="_blank" rel="noopener">records</a></strong> of the particular <strong>data processing activities</strong> they are carrying out.</p> <p>The records of processing activities <strong>must be in writing</strong>. While both paper and electronic forms are acceptable, it is best practice to use an electronic method of record-keeping so as to facilitate easy amendments.</p> <div class="my-4 rounded p-3 bg-fade"> <h4 class="mt-3">When is record-keeping of processing activities required by the GDPR?</h4> <p>Under GDPR compliance, full and extensive records of processing are <strong>expressly required</strong> in cases where the data processing activities:</p> <ul class="wp-block-list"> <li>are <em>not occasional</em>; or</li> <li>could result in a risk to the rights and freedoms of others; or</li> <li>involve the handling of “special categories of data”; or</li> <li>is carried out by an organization that has more than 250 employees.</li> </ul> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark><strong>This effectively covers almost all businesses.</strong></mark></span></span></p> </div> <div class="my-4 rounded px-3 pt-3 pb-1" style="background: #FFF3D0;"> <h5 class="my-2">Note</h5> <p>Even <em>if</em> your processing activities somehow fall outside of the situations mentioned above, your information duties to users</a> (Articles 13 & 14) make it necessary for you to keep basic records relating to which data you collect, its purpose, all parties involved in its processing and the data retention period — this is mandatory for everyone.</p> </div> <p>💡 You may find that it is, in fact, quite <strong>useful</strong> to do <strong><a href="https://www.iubenda.com/en/help/132966-gdpr-audit-checklist#gdpr-audit-checklist" target="_blank" rel="noopener">regular information audits</a></strong> on what data your organization holds as not only does this practice help you to readily meet your record-keeping obligations, but it also makes it easier for you to review and optimize your data processing procedures.</p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark>Our <a href="https://www.iubenda.com/en/internal-privacy-management" target="_blank" rel="noopener">Register of Data Processing Activities</a> comes in very handy here as it greatly simplifies the technical process of creating and maintaining records. Read more about how it can help <a href="https://www.iubenda.com/en/help/6311" target="_blank" rel="noopener">here</a>.</mark></span></span></p> <h3 class="wp-block-heading">📝 What records of the data processor should include:</h3> <ul class="wp-block-list"> <li>The name and contact details of the controller, and where applicable, the controller’s representative and DPO;</li> <li>The purpose of the processing activities;</li> <li>Description of the various categories of users and data;</li> <li>The categories of data recipients including third country (not a member of the EU) recipients or international organizations;</li> <li>Transfers of personal data to a third country and the identification of that third country or international organization, including documentation of suitable safeguards (where applicable);</li> <li>Anticipated time limits for erasure of the various categories of data (where possible);</li> <li>A general description of technical and organizational security measures (where possible).</li> </ul> <h3 class="wp-block-heading">📝 What records of the data processor should include:</h3> <ul class="wp-block-list"> <li>The name and contact details of the controller and the processor acting on their behalf, and where applicable, the processor or controller’s representative and DPO;</li> <li>The categories of processing carried out on behalf of each controller;</li> <li>Transfers of personal data to a third country and the identification of that third country or international organization, including documentation of suitable safeguards (where applicable);</li> <li>Anticipated time limits for erasure of the various categories of data (where possible);</li> <li>A general description of technical and organizational security measures (where possible).</li> </ul> <h2 class="wp-block-heading" id="dpia">9. Data Protection Impact Assessment (DPIA)</h2> <p>A data protection impact assessment (<a href="https://www.iubenda.com/en/help/64486-privacy-impact-assessment" target="_blank" rel="noopener">DPIA</a>) is <strong>a process used to help organizations comply effectively with the GDPR and ensure that the principles of accountability, <a href="https://www.iubenda.com/en/help/147478-privacy-by-design-and-by-default" target="_blank" rel="noopener">privacy by design and privacy by default</a> are put in practice by the organization</strong>.</p> <p>The DPIA process should be <strong>recorded in writing</strong>. While publishing the DPIA is not a <em>general</em> legal requirement of the GDPR, it is suggested that data controllers consider publishing all or part of their DPIA as a gesture of transparency and accountability.</p> <p>💡 An effective DPIA is useful in meeting the requirement of “Privacy by design” as it makes it possible for organizations to find and fix issues at an early stage, thus mitigating both data security risks for users, and the risk of GDPR fines, sanctions and reputation damage that might otherwise occur to the organization.</p> <div class="my-4 rounded p-3 bg-fade"> <h4 class="mt-3">When is a DPIA required by the GDPR?</h4> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark><strong>The DPIA is only mandatory in cases where data processing activity is likely to result in a high risk for users</strong>.</mark></span></span></p> <p><em>However, if unsure as to whether or not your processing activity falls within what is considered “high risk”, it is recommended that a DPIA be carried out nonetheless as it is a useful tool for ensuring that the law is complied with.</em></p> <p>🔎 <strong>“High-risk” data processing activities</strong> include:</p> <ul class="wp-block-list"> <li>Large-scale processing of sensitive data;</li> <li>Systematic monitoring of a publicly accessible area (e.g. CCTV);</li> <li>Situations where there are extensive automated evaluations of personal data that is intended to influence decisions that can affect the user’s life significantly.</li> </ul> <p>Know that DPIAs can also be required in other circumstances (based on a by case evaluation) including but not limited to processing data concerning vulnerable persons (e.g. children, the elderly), data transfer across borders outside the EU and data that is being used in profiling (e.g. credit scores).</p> </div> <h3 class="wp-block-heading">📝 What a DPIA should include:</h3> <ul class="wp-block-list"> <li>Full descriptions of the data processed;</li> <li>The purpose of the processing activity (and where applicable, information on the legitimate interests of the data controller);</li> <li>An evaluation of the scope and necessity of the processing activity in relation to the purpose;</li> <li>An assessment of the risk posed to users;</li> <li>Measures in place to address that risk.</li> </ul> <h2 class="wp-block-heading" id="gdpr-fines">GDPR fines: Consequences of non-compliance</h2> <p>The legal consequences for non-compliance can include <strong>fines up to EUR 20 million (€20m)</strong> or 4% of the annual worldwide turnover (whichever is greater), but perhaps equally <strong>as concerning are the other potential sanctions</strong> that may be implemented against organizations found to be in violation. These sanctions include <strong>official reprimands</strong> (for first-time violations), <strong>periodic data protection audits</strong> and <strong>liability damages</strong>.</p> <p class="lead text-primary txt-highlight">The legal consequences for non-compliance can include GDPR fines up to EUR 20 million (€20m) or 4% of the annual worldwide turnover</p> <p>The GDPR text also gives the explicit right to <strong>file a complaint</strong> with a supervisory authority if they feel that any processing of their personal data was done in violation of GDPR regulations and the right to <strong>compensation for any damages</strong> resulting from an organization’s non-compliance with regulations, hereby leaving violators open to potential litigation.</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-ten" data-toggle="collapse" aria-expanded="false" data-toc-skip>Practical example of a user filing a compliant</h2> <div id="collapse-ten" class="collapse"> <p>If a report is made to the authority about an instance of regulatory violation, the authority may choose to perform an audit of the organization’s data processing operations. If it’s found that some processing activity was done unlawfully, not only is a fine imposed, but the organization may be forbidden from making further use of both the data of the inquiry and data acquired using similar mechanisms. This means that if the improper use was in regards to email address collection, the organization risks being barred from using the entire associated email list.</p> </div> </div> <h2 class="wp-block-heading" id="faqs">GDPR Compliance FAQs</h2> <div itemscope itemtype="https://schema.org/FAQPage"> <div itemscope itemprop="mainEntity" itemtype="https://schema.org/Question" class="entry_body_content"> <h3 itemprop="name" id="gdpr-simple-meaning">What does GDPR mean in simple terms?</h3> <div itemscope itemprop="acceptedAnswer" itemtype="https://schema.org/Answer"> <div itemprop="text" class="entry_body_content"> <p>In simple terms, GDPR stands for General Data Protection Regulation, which is a comprehensive data protection and privacy law in the European Union (EU). It was introduced to enhance the privacy and protection of personal data of EU citizens and residents. The regulation became enforceable on May 25, 2018, replacing the Data Protection Directive of 1995.</p> </div> </div> </div> <div itemscope itemprop="mainEntity" itemtype="https://schema.org/Question" class="entry_body_content"> <h3 itemprop="name" id="7-gdpr-principles">What are the 7 principles of GDPR?</h3> <div itemscope itemprop="acceptedAnswer" itemtype="https://schema.org/Answer"> <div itemprop="text" class="entry_body_content"> <p>The 7 principles of GDPR are lawfulness/fairness/transparency, purpose limitation, data minimization, accuracy, storage limitations, integrity/confidentiality, and accountability. They guide the processing of personal data and ensure the protection and privacy of individuals’ data. The 7 principles of GDPR are as follows:</p> <ol> <li><strong>Lawfulness, Fairness, and Transparency: </strong>The processing of personal data must have a legitimate basis and be conducted in a fair and transparent manner. Data subjects should be informed about the purposes of data processing and any other relevant information regarding their data.</li> <li><strong>Purpose Limitation:</strong> Personal data should be collected for specified, explicit, and legitimate purposes. Organizations must ensure that the data they collect is used only for the purposes for which it was originally collected. If they intend to use the data for additional purposes, they need to obtain explicit consent for this.</li> <li><strong>Data Minimization: </strong>GDPR emphasizes that personal data should be adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. This means that organizations should avoid collecting excessive data and should retain only the minimum amount of data required to achieve their stated objectives.</li> <li><strong>Accuracy:</strong> Highlights the importance of keeping personal data accurate and up-to-date. Organizations are responsible for taking reasonable steps to ensure that the data they hold is accurate, and if any inaccuracies are identified, they should be rectified promptly.</li> <li><strong>Storage Limitations</strong>: The data you store should be up-to-date, but you can’t store it forever. The GDPR text requires that you set a time limit – the shortest possible – and that you explain why you need to store your users’ data for that period of time. When the time comes, you must erase or review the data you stored.</li> <li><strong>Integrity and Confidentiality</strong>: Store your users’ data securely, protecting them from unlawful processing or accidental loss, destruction or damage. You should also protect your users’ identity, through anonymization, for instance.</li> <li><strong>Accountability</strong>: Keep records relating to which data you collect, its purpose, all parties involved in its processing and the data retention period. This is mandatory for everyone.</li> </ol></p> </div> </div> </div> <div class="wp-block-image"> <figure class="aligncenter size-large is-resized"><img loading="lazy" decoding="async" width="1024" height="538" src="https://help.iubenda.com/wp-content/uploads/2023/12/7-principles-1024x538.png" alt="GDPR compliance: 7 principles of GDPR" class="wp-image-144276" style="width:515px;height:auto" srcset="https://help.iubenda.com/wp-content/uploads/2023/12/7-principles-1024x538.png 1024w, https://help.iubenda.com/wp-content/uploads/2023/12/7-principles-300x158.png 300w, https://help.iubenda.com/wp-content/uploads/2023/12/7-principles-768x403.png 768w, https://help.iubenda.com/wp-content/uploads/2023/12/7-principles-1536x806.png 1536w, https://help.iubenda.com/wp-content/uploads/2023/12/7-principles-1568x823.png 1568w, https://help.iubenda.com/wp-content/uploads/2023/12/7-principles.png 1600w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure></div> <div itemscope itemprop="mainEntity" itemtype="https://schema.org/Question" class="entry_body_content"> <h3 itemprop="name" id="what-is-gdpr-compliance">What is a GDPR compliance?</h3> <div itemscope itemprop="acceptedAnswer" itemtype="https://schema.org/Answer"> <div itemprop="text" class="entry_body_content"> <p>In short, GDPR compliance refers to adhering to the General Data Protection Regulation (GDPR), a set of data protection laws implemented by the European Union (EU). </p> <p> GDPR sets guidelines and regulations on how personal data of individuals within the EU should be collected, processed, stored, and protected by organizations. </p> <p> Achieving GDPR compliance involves implementing necessary measures to ensure the privacy and security of personal data, obtaining explicit consent from individuals, providing transparency in data handling practices, appointing data protection officers (DPOs), and promptly addressing data breaches. Non-compliance can result in significant penalties. </p> </div> </div> </div> <div itemscope itemprop="mainEntity" itemtype="https://schema.org/Question" class="entry_body_content"> <h3 itemprop="name" id="usa">Is GDPR compliance mandatory in USA?</h3> <div itemscope itemprop="acceptedAnswer" itemtype="https://schema.org/Answer"> <div itemprop="text" class="entry_body_content"> <p>No, GDPR compliance is not mandatory in the United States by default. </p> <p>The General Data Protection Regulation (GDPR) is a regulation implemented by the European Union (EU) and primarily applies to organizations that collect, process, or store personal data of individuals within the EU. However, some US-based companies may need to comply with GDPR if they handle the personal data of EU residents.</p> <p>This can occur when offering goods or services to EU individuals or monitoring their behavior. It is advisable for US companies to assess their data processing activities and consult legal experts to determine if GDPR compliance is required for their specific situation. Additionally, the US has its own data protection regulations, such as the <a href="https://www.iubenda.com/en/help/73819-cpra-intro-to-the-ccpa-2-0-and-how-it-affects-you" target="_blank" rel="noopener">California’s CCPA/CPRA</a>, which may apply to businesses operating within that state.</p> </div> </div> </div> </div> <div class="my-4 rounded p-3 bg-note"> <h4 class="mt-3" "heading-icon heading-icon--compliance">👋 Which privacy laws apply to you?</h4> <p><a href="https://www.iubenda.com/en/help/5463-how-to-comply-with-the-gdpr-cookie-law-caloppa-and-ccpa-cpra#what-do-i-need-to-meet-my-online-legal-requirements-" target="_blank" rel="noopener">👉 Do this 1-min quiz to find out!</a></p> </div> <h2 class="wp-block-heading" id="gdpr-overview">GDPR overview</h2> <div class="table-wrapper table-help-column-fixed"> <table class="table table-bordered"> <tbody> <tr> <th>What is GDPR</th> <td>The <a href="https://www.iubenda.com/en/help/131054-gdpr-summary-key-points-you-need-to-know" target="_blank" rel="noopener">EU General Data Protection Regulation</a> is one of the most robust privacy laws in the world. It was enforced in May 2018.</td> </tr> <tr> <th>What’s the aim of the GDPR</th> <td>The Regulation wants to strengthen data protection for all people whose personal information fall within its scope of application, putting personal data control back into their hands.</td> </tr> <tr> <th>Who does the GDPR apply to</th> <td>The GDPR applies to both EU and Non-EU companies. Thus, its scope of application can extend outside of EU borders.</td> </tr> <tr> <th>How comply with GDPR</th> <td>GDPR compliance is made of several steps, and each organization should evaluate it carefully. At the very least, you should: <ul> <li>Establish a valid legal basis for processing personal data.</li> <li>Clearly describe the types of personal data collected and the purposes behind their collection in your privacy and cookie policy.</li> <li>Enable customers to easily request and receive information about the data you hold on them.</li> <li>Implement robust technologies and procedures to detect, report, and investigate any personal data breach.</li> <li>Maintain detailed records of data storage, usage, and processing activities.</li> </ul> </td> </tr> </tbody> </table> </div> <h2 class="wp-block-heading" id="how-to-comply">How to comply with GDPR</h2> <p>We’ve created a useful checklist on how to comply with GDPR and the Cookie Law, since they go hand in hand for compliance in Europe. Keep reading!</p> <p>👋<em> The GDPR applies to you if you’re based in the EU (+ UK), or if you target EU (+ UK) users. The </em><a href="https://www.iubenda.com/en/help/5525-cookies-gdpr-requirements"><em>ePrivacy Directive</em></a><em> (or Cookie Law) applies to most websites that can be accessed by EU users and that run cookies, trackers or similar technologies.</em></p> <div class="my-4 rounded p-3 bg-fade"> <p>✅ Do you have a valid, up-to-date and easily accessible <a href="https://www.iubenda.com/en/help/6187-what-should-be-in-a-privacy-policy" target="_blank" rel="noopener"><strong>privacy policy</strong></a> in your website’s footer or app menu?</p> <p>✅ Does your privacy policy describe all the <strong>types of personal data you collect, how, why</strong>, and <strong>who it gets shared with</strong>?</p> <p>✅ Do you get <strong>user consent</strong> before collecting any personal data, <em>e.g. on a contact form, or wheninstalling marketing cookies for advertising or analytics</em>?</p> <p>✅ <em>If you install cookies</em>, do you <strong>show an obvious <a href="https://www.iubenda.com/en/help/21985-cookie-banner-do-you-really-need-one-and-how-can-you-get-a-cookie-notice-for-your-website" target="_blank" rel="noopener">cookie banner</a> </strong>when a user first visits your website?</p> <p>✅ Do you <strong>block cookie scripts</strong> to prevent <a href="https://www.iubenda.com/en/help/5525-cookies-gdpr-requirements#exemptions" target="_blank" rel="noopener">non-exempt cookies</a> from being installed before you get consent?</p> <p>✅ Do you give users <strong>full granular consent options</strong> on your banner so they can filter out cookies they don’t want installed (<em>e.g. by type of cookies and purposes</em>)?</p> <p>✅ Do you <strong>have a proper <a href="https://www.iubenda.com/en/help/124203-cookie-policy-do-you-need-one-heres-everything-you-need-to-know" target="_blank" rel="noopener">cookie policy</a></strong> or a section of your privacy policy dedicated to cookies?</p> <p>✅ Do you maintain <strong>detailed records of consent</strong> for cookies, marketing activities and more? Do they include elements like timestamps, preferences expressed, and the specific form used?</p> <p>✅ Do you inform users of and make it easy for them to <strong>exercise </strong><a href="https://www.iubenda.com/en/help/112102-data-protection-navigating-gdpr-data-subject-rights" target="_blank" rel="noopener"><strong>their rights</strong></a>, <em>i.e. to fulfill their requests to access/correct/update/delete data you hold on them</em>?</p> <p>✅ Do you keep detailed <strong>internal records</strong>, including <strong>data retention policies</strong>, <strong>security measures </strong>or<strong> transfers outside the EU</strong>?</p> <p>✅ Do you keep the data <strong>safe</strong>? Who is responsible for GDPR compliance within your organization?</p> </div> <h2 class="wp-block-heading" id="iubenda">Simplify your GDPR compliance with iubenda</h2> <p>At iubenda, we take a comprehensive approach to GDPR compliance. We built our compliance solutions with the strictest regulations in mind, giving you full options to customize as needed. This way, we’ll assist you with meeting your legal obligations, reduce your risk of litigation and protect your customers —building trust and credibility.</p> <p><strong>And, wait for it: our solutions are made to simplify and speed up your compliance journey!</strong></p> <p><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"><mark><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">💡 </span></span><strong>Please note</strong> that privacy laws are usually amended and updated. It’s therefore important to ensure that your policies meet the latest requirements. For this reason, <strong>we use dynamic embedding and NOT copy & paste</strong>. With this method, you can rest assured that your policy is up to date and being maintained remotely by our legal team.</mark></span></span></p> <p>Here’s what you need to get started with full GDPR compliance:</p> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-eleven" data-toggle="collapse" aria-expanded="false" data-toc-skip>Privacy Policy</h2> <div id="collapse-eleven" class="collapse"> <p>This legal document should state the ways in which your website or app collects, processes, stores, shares and protects user data, the purposes for doing so and the <a href="https://www.iubenda.com/en/help/7399-right-to-be-forgotten" target="_blank" rel="noopener">rights</a> of the users in that regard.</p> <p>With our <a href="https://www.iubenda.com/en/privacy-and-cookie-policy-generator" target="_blank" rel="noopener">Privacy and Cookie Policy Generator</a> you can create a beautiful, lawyer-crafted, precise privacy policy and seamlessly integrate it with your website or app. You can simply add any of several pre-created clauses at the click of a button or easily write your own custom clauses using the built-in form.</p> <p>The privacy policy also comes with the option to include a cookie policy (it’s necessary to include it if your website or app is using cookies). The <a href="https://www.iubenda.com/en/help/36403-free-privacy-policy-generator" target="_blank" rel="noopener">policies are customizable</a> to your needs and remotely maintained by an international legal team.</p> <div class="pb-5"><script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" src="https://fast.wistia.com/embed/medias/25jxoqtcja.jsonp" async=""></script><script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" src="https://fast.wistia.com/assets/external/E-v1.js" async=""></script> <div class="wistia_responsive_padding" style="padding: 55.63% 0 0 0; position: relative;"> <div class="wistia_responsive_wrapper" style="height: 100%; left: 0; position: absolute; top: 0; width: 100%;"><span class="wistia_embed wistia_async_25jxoqtcja popover=true popoverAnimateThumbnail=true videoFoam=true" style="display: inline-block; height: 100%; position: relative; width: 100%;"> </span></div> </div> </div> <p class="pt-3 pb-4">For more information on privacy policies <a href="https://www.iubenda.com/en/features#privacy-and-cookie-policy" target="blank" rel="noopener">click here</a>.</p> </div> </div> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-twelve" data-toggle="collapse" aria-expanded="false" data-toc-skip>Privacy Controls and Cookie Solution</h2> <div id="collapse-twelve" class="collapse"> <p>Using cookies can mean both processing user data and installing files on the user devices. That’s why you need to meet the ePrivacy directive (Cookie Law)’s legal requirements if using tracking technologies. To help you out, we’ve created our comprehensive <a href="https://www.iubenda.com/en/cookie-solution" target="blank" rel="noopener">Privacy Controls and Cookie Solution</a>. It’s an easy-to-use cookie policy and cookie consent solution (including banner management), it’s fast and does not require heavy investments.</p> <!-- <div class="pb-5"><script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" src="https://fast.wistia.com/embed/medias/3mkytupjxz.jsonp" async=""></script><script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" src="https://fast.wistia.com/assets/external/E-v1.js" async=""></script> <div class="wistia_responsive_padding" style="padding: 60.21% 0 0 0; position: relative;"> <div class="wistia_responsive_wrapper" style="height: 100%; left: 0; position: absolute; top: 0; width: 100%;"><span class="wistia_embed wistia_async_3mkytupjxz popover=true popoverAnimateThumbnail=true videoFoam=true" style="display: inline-block; height: 100%; position: relative; width: 100%;"> </span></div> </div> </div> --> <div class="my-5 rounded px-3 pt-3 pb-1 bg-note"> <p>Many Data Protection Authorities across the EU have strenghtened their requirements and aligned their rules on cookies and trackers with the requirements of the GDPR. More specifically, it’s required that you record and store proofs of your users’ preferences. <br><br><strong>Cookie and Consent Preference Log</strong> are now available in our Privacy Controls and Cookie Solution. Click <a href="https://www.iubenda.com/en/help/1177-cookie-solution-getting-started#cpl" target="blank" rel="noopener">here</a> for more info!</p> </div> </div> </div> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-thirteen" data-toggle="collapse" aria-expanded="false" data-toc-skip>Consent Database</h2> <div id="collapse-thirteen" class="collapse"> <p>In order to make your web forms fully GDPR compliant – regardless of how many users you have – you must also store proof of consent. You must demonstrate that consent was collected, when it was provided, by whom, which preferences were expressed, which legal or privacy notice was presented.</p> <p>Do all of the above with iubenda’s <a href="https://www.iubenda.com/en/consent-solution" target="blank" rel="noopener">Consent Database</a>. It helps you record and manage GDPR consent and privacy preferences for each of your users. It smoothly integrates with your consent collection forms, syncs with your legal documents and includes a user-friendly dashboard for reviewing consent records of your activities.</p> </div> </div> <div class="collapse-single mb-3"> <h2 style="cursor: pointer;" data-target="#collapse-fourteen" data-toggle="collapse" aria-expanded="false" data-toc-skip>Register of Data Processing Activities</h2> <div id="collapse-fourteen" class="collapse"> <p>To meet the record-keeping requirement from the GDPR text, our <a href="https://www.iubenda.com/en/internal-privacy-management" target="blank" rel="noopener">Register of Data Processing Activities</a> helps you record and manage all the data processing activities within your organization. You can list processing activities from 1800+ pre-made options, divide them by area, assign processors and other member roles, and document legal bases and other GDPR-required records.</p> <p>For a list of the full features of the <strong>Register of Data Processing Activities,</strong> read our guide <a href="https://www.iubenda.com/en/help/6311-guide-for-the-internal-privacy-management-tool" target="blank" rel="noopener">here</a>.</p> </div> </div> <div class="text-center my-5 py-5 hide-from-amp"> <h2 data-toc-skip>GDPR compliance made easy</h2> <a href="https://www.iubenda.com/en/start-generating?wizard=true" class="btn btn-xl btn-primary text-white px-5 py-3 mt-4 text-lg sans-serif lightbox">Get started now</a> </div> <h3 class="wp-block-heading"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">See also</span></span></h3> <ul class="wp-block-list"> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Read more about </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">global legislation</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> with our </span></span><a href="https://www.iubenda.com/en/help/5720" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">legal overview</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">, our </span></span><a href="https://www.iubenda.com/en/help/5525" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">ePrivacy (Cookie Law)</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> guide, or our guide on </span></span><a href="/blog/privacy-policy-usa-california-commercial" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">US law</span></span></a></li> <li><a href="http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Full GDPR text</span></span></a></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Read our </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">service-specific articles</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> for </span></span><a href="/blog/the-need-for-privacy-policies-in-mobile-apps-an-overview"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">app creators</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> , </span></span><a href="/blog/odr-requirement-e-commerce-eu" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">e-commerce websites</span></span></a></li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Have a </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">specific scenario</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> in mind? Check out our comprehensive guides on </span></span><a href="https://www.iubenda.com/en/help/5640" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">email newsletters</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">, our guides for </span></span><a href="https://www.iubenda.com/en/help/5717" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">services directed to children</span></span></a> or our guide on when <a href="https://www.iubenda.com/en/help/2859-terms-and-conditions-when-are-they-needed" target="_blank" rel="noopener">Terms and Conditions are needed</a>.</li> <li><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Using </span></span><strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Google services</span></span></strong><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">? Read our guides on </span></span><a href="/blog/privacy-policy-google-analytics" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Google Analytics</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">, </span></span><a href="/blog/privacy-policy-google-adsense" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Adsense</span></span></a><span style="vertical-align: inherit;"><span style="vertical-align: inherit;"> and </span></span><a href="/blog/privacy-policy-adwords-remarketing" target="_blank" rel="noopener"><span style="vertical-align: inherit;"><span style="vertical-align: inherit;">Ads</span></span></a></li> </ul> </div> <div class="help-tpl__still-questions-section mt-5 pt-5"> <h4 class="mb-3">Still have questions?</h4> <a href="/en/help/13053" class="btn btn-dark-gray txt-dark d-block d-lg-inline-block mb-2 mb-lg-0">Attend one of our free webinars</a> <a href="mailto:info@iubenda.com" class="btn btn-dark-gray txt-dark d-block d-lg-inline-block mb-2 mb-lg-0" data-elevio-module="2" data-elevio-style="nothing">Email us</a> <a href="#" class="btn btn-dark-gray txt-dark d-block d-lg-inline-block" data-elevio-module="9" data-elevio-style="nothing">Live chat</a> </div> </div> <!-- /.content --> </div> </div> </section> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ // Swiftype search is always loaded, rather than only when purpose 3 is not granted, providing a fallback in case CS fails to load. (function(w,d,t,u,n,s,e){w['SwiftypeObject']=n;w[n]=w[n]||function(){ (w[n].q=w[n].q||[]).push(arguments);};s=d.createElement(t); e=d.getElementsByTagName(t)[0];s.async=1;s.nonce='4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99'; s.src=u;e.parentNode.insertBefore(s,e); })(window,document,'script','//s.swiftypecdn.com/install/v2/st.js','_st'); _st('install','mvF4xAYwSHJ9YPypgTYd','2.0.0', { install: { hooks: { query_filter: function(query) { query.setFilterDataByDocumentTypeSlugAndFilterField('page', 'tags', { values: ['en'], type: "and" }); return query; } } } }); window.csActivationCompleted.then(function onCsActivation() { var preferences = _iub.cs.api.getPreferences(); var purposes = preferences.purposes; if (!purposes[3]) { // activateAiSearch is hidden until CS loads to prevents clicks on non-functional link if CS fails var activateAiSearch = document.getElementById('activate-ai-search'); if (activateAiSearch) { activateAiSearch.addEventListener('click', function(event) { event.preventDefault(); _iub.cs.api.openPreferences({ acceptPurposes: [3] }); }); activateAiSearch.classList.remove('invisible'); } } // When preferences are updated reload the page to add or remove the kapa script window.addEventListener('preference-expressed-or-not-needed', function() { location.reload(); }); }); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/plain" async="async" src="about:blank" class="_iub_cs_activate" data-iub-purposes="3" suppressedsrc="https://widget.kapa.ai/kapa-widget.bundle.js" data-website-id="7229e341-9007-4fad-96de-30b7cca46f02" data-project-name="iubenda" data-project-color="#1cc691" data-project-logo="/favicon.png" data-modal-override-open-class="st-default-search-input" data-modal-override-open-class-search="st-default-search-btn" data-search-mode-enabled="true" data-search-mode-default="true" data-button-hide="true" data-modal-disclaimer="This is an AI assistant trained to help you with iubenda-related questions. It provides answers based on our Help Center and Community Forum content. While this feature is still experimental, feel free to try it out!" data-modal-title-ask-ai="iubenda Docs AI" data-modal-title-search="iubenda Docs" data-modal-search-placeholder="Ask me a question about iubenda..." data-modal-y-offset="12rem" data-modal-z-index="1036" data-search-show-ask-ai-cta="false"> //<![CDATA[ //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ HelpUtils.activateToc("#toc", $("[data-toc-activator]")); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ $(document).ready(function() { /** consent solution mapping for help compliance course form **/ if ($('#help_compliance_course_form').length > 0) { _iub.cons_instructions.push(['load', { submitElement: 'help_compliance_course_submit', form: { selector: 'help_compliance_course_form', map: { subject: { email: 'email' } } }, consent: { preferences: { 'help_compliance_course_subscription': true }, legal_notices: [ { identifier: 'privacy_policy' } ] } }]); } $('.btn-aside').click(function(){ $('.doc_aside').toggleClass('show'); }); $('.doc_aside li.has_child').click(function(e){ if (e.target.nodeName === 'A') { return; } e.preventDefault(); e.stopPropagation(); $(this) .toggleClass('active'); }); $('.navbar-nav a').click(function(){ var li = $(this).closest('li'); if(!li.find('ul').length) { var parent = $('.doc_aside'); if(parent.hasClass('show')) parent.removeClass('show'); } }); $('.toc-button').click(function(){ $(this).toggleClass('clicked'); if($(this).hasClass('clicked')) $('[data-toggle=toc]').show(); else $('[data-toggle=toc]').hide(); }); exposeFideFunctions({ incorporationBetaEnabled: false, loginUrl: "/en/login?fide_user=true&for=custom_do", companyIncorporationsPath: "/en/costituzione/srl", isLoggedIn: false }); initializeFideBtns(); if ( $('#toolbox-accordion').length > 0) { var accordionConteiner = $('#toolbox-accordion'); $(accordionConteiner).find('.card p .btn').each(function buttonClickHandler() { $(this).on('click', function(e) { e.preventDefault(); var card = $(this).parents(':eq(2)'); var autoCheckOutLink = HelpUtils.createAutoCheckOutLink(card); location.href = '/pricing'+ autoCheckOutLink; }) }); } var currentAnchor = null; $('h2[id],h3[id]').hover( function(){ var el = $(this); if(currentAnchor) currentAnchor.remove(); currentAnchor = $('<a href="#'+el.attr('id')+'" class="a-anchor-inline ml-3"><i class="i-link"></i></a>').appendTo(el); }, function(){ if(currentAnchor) currentAnchor.remove(); } ); HelpUtils.activatePopovers(); HelpUtils.readAndCreateTheCheckBoxMapForCountries(); $('.button-expand').click(function(e) { var perCountryTable = $(e.target.parentElement.parentElement).clone(); var modalTitle = $('.country-table').data('title'); perCountryTable.find('.button-expand').remove(); Modal.dialog(perCountryTable[0].outerHTML, { title: modalTitle, size: 'full' }); setTimeout(function loadCheckboxesData() { HelpUtils.updateCheckBoxFromMap('.modal-dialog'); HelpUtils.activatePopovers(); }, 1); }); $('body').on('click', '.country-table form.countries label', function(e) { e.preventDefault(); }); $('body').on('change', '.country-table form.countries input', function(e) { var className = $(this).attr('class'); HelpUtils.updateCheckBoxMap(e); $('table .' + className).toggle($(this).is(':checked')); }); }).on('show.bs.modal', '.modal', function () { $('.modal-body .table th').attr('style', 'transform: translateY(0px);'); $('.modal').scroll(function() { if($('.modal .table-first-col-fixed').length > 0) { if ($('.modal').offset().top - $('.modal .table-first-col-fixed').offset().top > 0) { $('.modal .table-first-col-fixed th').css('transform', 'translateY(' + ($('.modal').offset().top - $('.modal .table-first-col-fixed').offset().top) + 'px)'); } else { $('.modal .table-first-col-fixed th').css('transform', 'translateY(0)'); } } }); }).on('hide.bs.modal','.modal', function () { HelpUtils.updateCheckBoxFromMap('.container'); }); //]]> </script> <footer class="iub-footer bg-light-gray text-sm"> <div class="container"> <div class="row line-between-columns gutter-lg"> <div class="col-md-6 col-sm-12 mt-5 mb-5"> <div class="mb-3"> <h4 class="text-default text-uppercase">Products and services</h4> <p class="text-default">Compliance for websites and apps</p> </div> <div class="row justify-content-between mb-3"> <div class="col-lg mb-4 mb-lg-0"> <ul class="list-unstyled mb-3 pl-2"> <li><a class="font-weight-bold" href="/en/privacy-and-cookie-policy-generator">Privacy and Cookie Policy Generator</a></li> <li><a class="font-weight-bold" href="/en/cookie-solution">Privacy Controls and Cookie Solution</a></li> <li><a class="font-weight-bold" href="/en/terms-and-conditions-generator">Terms and Conditions Generator</a></li> <li><a class="font-weight-bold" href="/en/consent-solution">Consent Database</a></li> <li><a class="font-weight-bold" href="/en/internal-privacy-management">Register of Data Processing Activities</a></li> <li><a class="font-weight-bold" href="/en/whistleblowing-management-tool">Whistleblowing Management Tool</a></li> <li><a class="font-weight-bold" href="/en/newsletter-opt-in-booster">Newsletter opt-in booster</a></li> <li><a class="font-weight-bold" href="https://www.iubenda.com/stats/">iubenda Stats </a></li> </ul> </div> </div> <div class="mb-3"> <ul class="list-unstyled mb-0"> <li class="list-inline-item d-block d-md-inline-block mr-md-0 mb-md-2"> <a href="/en/pricing" class="btn btn-sm btn-outline-primary d-block">Pricing</a> </li> <li class="list-inline-item d-block d-md-inline-block mr-md-0 mb-md-2"> <a href="https://www.iubenda.com/en/scan" class="btn btn-sm btn-outline-primary d-block">Free site scan</a> </li> </ul> </div> </div> <div class="col-md-6 col-sm-12 mt-5 mb-5 footer-right"> <div class="row mb-4"> <div class="col mb-4"> <h4 class="text-default text-uppercase mb-3">Company</h4> <ul class="list-unstyled mb-3 pl-2 text-xs"> <li class="mb-1"><a class="bg-gray-1 rounded px-2 py-1 text-white" href="https://www.iubenda.com/en/help/posts/1812">Work with us</a></li> <li><a href="https://www.iubenda.com/blog/">Blog</a></li> <li><a href="/en/partner-program">Get certified as a Compliance Expert</a></li> <li><a href="/en/help/15138-partner-directory">Partner directory</a></li> <li><a href="https://www.iubenda.com/en/help/149409-join-the-iubenda-affiliate-program">Earn with iubenda</a></li> </ul> <ul class="list-unstyled d-md-flex align-items-center"> <li class="mb-1 mr-4"> <a href="https://iubenda.link/capterra" target="_blank" rel="noopener"> <img border="0" data-lazy-src="https://assets.capterra.com/badge/de52ae1b9de89ae468a920af39e7ace6.png?v=2110097&p=156938" width="100" height="32" alt="Capterra rating"/> </a> </li> </ul> </div> <div class="col mb-4"> <h4 class="text-default text-uppercase mb-3">Legal</h4> <ul class="list-unstyled mb-0 pl-2 text-xs"> <li><a href="https://www.iubenda.com/privacy-policy/252372" class="iubenda-white iubenda-embed" title="Privacy Policy">Privacy Policy</a></li> <li><a href="/en/user/tos" class="iubenda-white iubenda-embed" title="Terms of Service">Terms and Conditions</a></li> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ (function (w,d) {var loader = function () {var s = d.createElement("script"), tag = d.getElementsByTagName("script")[0];s.src = "https://cdn.iubenda.com/iubenda.js";tag.parentNode.insertBefore(s,tag);};w.addEventListener ? w.addEventListener("load", loader, false) : w.attachEvent("onload", loader);})(window, document); //]]> </script> <a href="https://www.iubenda.com/dsar-form/en/5bcb8bf5-5fe3-43fe-ae11-2065200c7827" class="iubenda-white iubenda-embed" title="Privacy rights request">Privacy rights request</a> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ (function (w, d) { var loader = function () { var s = d.createElement("script"), tag = d.getElementsByTagName("script")[0]; s.src = "https://cdn.iubenda.com/iubenda.js"; tag.parentNode.insertBefore(s, tag); }; if (w.addEventListener) { w.addEventListener("load", loader, false); } else if (w.attachEvent) { w.attachEvent("onload", loader); } else { w.onload = loader; } })(window, document); //]]> </script> <li><a href="https://www.iubenda.com/whistleblowing-form/en/7d7ca782-3805-4ce2-ae0b-5b57f53162d5" class="iubenda-white iubenda-embed" title="Whistleblower Form">Whistleblower Form</a></li> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ (function (w,d) {var loader = function () {var s = d.createElement("script"), tag = d.getElementsByTagName("script")[0]; s.src="https://cdn.iubenda.com/iubenda.js"; tag.parentNode.insertBefore(s,tag);}; if(w.addEventListener){w.addEventListener("load", loader, false);}else if(w.attachEvent){w.attachEvent("onload", loader);}else{w.onload = loader;}})(window, document); //]]> </script> <li class="pb-3"><a href="https://www.iubenda.com/terms-and-conditions/19521877">Whistleblower policy</a></li> <li class="pb-3"><a href="/en/help/158">Imprint/Impressum</a></li> <li><a href='#' class='iubenda-cs-preferences-link'> <img style="width: 2rem!important" src="data:image/svg+xml;charset=UTF-8,%3csvg version='1.1' id='Layer_1' xmlns='http://www.w3.org/2000/svg' xmlns:xlink='http://www.w3.org/1999/xlink' x='0px' y='0px' viewBox='0 0 30 14' style='enable-background:new 0 0 30 14;' xml:space='preserve'%3e%3cstyle type='text/css'%3e .st0%7bfill-rule:evenodd;clip-rule:evenodd;fill:%23FFFFFF;%7d .st1%7bfill-rule:evenodd;clip-rule:evenodd;fill:%230066FF;%7d .st2%7bfill:%23FFFFFF;%7d .st3%7bfill:%230066FF;%7d %3c/style%3e%3cg%3e%3cg id='final---dec.11-2020_1_'%3e%3cg id='_x30_208-our-toggle_2_' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e "> Your Privacy Choices</a></li> <li class="pb-3"><a href='#' class='iubenda-cs-uspr-link'>Notice at Collection</a></li> <li><a href="https://www.iubenda.com/privacy-policy/94654098">Consent Database Privacy Notice</a></li> <li><a href="https://www.iubenda.com/privacy-policy/36700132">Privacy Controls and Cookie Solution Privacy Notice</a></li> </ul> </div> </div> <div class="row"> <div class="col-6 mb-4"> <h4 class="text-default text-uppercase mb-3">Help</h4> <ul class="list-unstyled mb-0 pl-2 text-xs"> <li><a href="/en/help">Documentation</a></li> <li><a href="https://support.iubenda.com">Feedback & support forum</a></li> <li><a href="mailto:info@iubenda.com" data-elevio-module="2" data-elevio-style="nothing">Contact support</a></li> <li><a href="https://www.iubenda.com/en/help/161162-our-cmp-support-commitment">Our CMP Support Commitment</a></li> </ul> </div> <div class="col-6 mb-4"> <h4 class="text-default text-uppercase mb-2"><label for="user_country">Country</label></h4> <div class="mb-4"> <select class="form-control custom-select" id="user_country" name="iubenda_current_user[country_code]" remote="true"> </select> </div> </div> </div> <div class="row"> <div class="col-6 mb-4 mt-3"> <div class="footer_social_buttons"> <ul class="list-unstyled d-flex align-items-center"> <li class="mr-1"> <a href="https://www.facebook.com/iubenda" target="_blank" rel="noopener" class="pr-0"> <img class="mb-4" width="32" height="32" alt="Facebook logo" data-lazy-src="/assets/site/general/facebook_logo-0a635f95d5ca9a530ec6849fdca8c313abdbaa2ef4f7ff085e7894a481e69cb4.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img class="mb-4" width="32" height="32" alt="Facebook logo" src="/assets/site/general/facebook_logo-0a635f95d5ca9a530ec6849fdca8c313abdbaa2ef4f7ff085e7894a481e69cb4.svg" /> </noscript> </a> </li> <li> <a href="https://twitter.com/iubenda" target="_blank" rel="noopener" class="pl-0"> <img class="mb-4" width="32" height="32" alt="X logo" data-lazy-src="/assets/site/general/x_logo-374a5be853d42cc934c74f37d1378ececb74abff0767a619a2749f8461f05bf9.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img class="mb-4" width="32" height="32" alt="X logo" src="/assets/site/general/x_logo-374a5be853d42cc934c74f37d1378ececb74abff0767a619a2749f8461f05bf9.svg" /> </noscript> </a> </li> </ul> </div> </div> <div class="col-6 footer-certificates"> <img height="75" alt="CMP Partner badge" class="mr-3 mb-3" data-lazy-src="/assets/site/general/cmp_badge_en-3d95a73213cca3ef66050653cc124af032a115c33f225a895c6587e7665f2d0f.svg" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img height="75" alt="CMP Partner badge" class="mr-3 mb-3" src="/assets/site/general/cmp_badge_en-3d95a73213cca3ef66050653cc124af032a115c33f225a895c6587e7665f2d0f.svg" /> </noscript> <a href="/assets/site/general/iubenda_iso_certificate-02df3bf20f10947e36649d790bb65e06f4f8df96b0bd26c4d1b7bd1d01fb4311.pdf" target="_blank"><img height="85" alt="ISO 27001 certificate" data-lazy-src="/assets/site/general/marchio_certification_ISO_IEC_27001-b48149ce6e055a2caa00f0961394ce95d4ae4f31fbcc7957a1851c213b2f6bff.png" src="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" /> <noscript> <img height="85" alt="ISO 27001 certificate" src="/assets/site/general/marchio_certification_ISO_IEC_27001-b48149ce6e055a2caa00f0961394ce95d4ae4f31fbcc7957a1851c213b2f6bff.png" /> </noscript> </a> </div> </div> </div> </div> </div> <div class="language-country-selectors"></div> <hr class="p-0"> <div class="p-4 text-xs"> <div class="container"> <div class="row"> <div class="col-md-12"> <address class="d-flex flex-column d-lg-block"> <strong class="mr-2">iubenda s.r.l</strong> <span class="mr-2">Via San Raffaele, 1 - 20121 Milan (Italia)</span> <span class="mr-2">EU VAT No: IT07347120961</span> <span class="mr-2">UK VAT No: GB370904694</span> <span class="mr-2">Milan Chamber of Commerce</span> <span class="mr-2">SC: 12,795.78 Eur (fully paid up)</span> </address> </div> </div> </div> </div> </footer> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ $(document).ready(function() { $(".show-in-iframe").click(function(event) { if(!event.ctrlKey && !event.metaKey){ if (document.getElementById('iubenda-pp-popup')) { return; } showInIframe($(this).attr('href')/*,null,null,null,null,$('.container')[0],name*/); event.preventDefault(); } }); }); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ window.isUserSignedIn = false; window.TrackingUtils.init(); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ dataLayer.push({ event: "trigger_conversion", google_conversion_id: 1036022355, google_custom_params: window.google_tag_params, google_remarketing_only: true }); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ !function(e,l,v,i,o,n){e[i]||(e[i]={}),e[i].account_id=n;var g,h;g=l.createElement(v),g.type="text/javascript",g.async=1,g.src=o+n,h=l.getElementsByTagName(v)[0],h.parentNode.insertBefore(g,h);e[i].q=[];e[i].on=function(z,y){e[i].q.push([z,y])}}(window,document,"script","_elev","https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=","5b0d50ab36803"); window._elev.on('load', function (_elev) { var userSettings = { groups: ['Language=EN']} _elev.setUser(userSettings); _elev.setLanguage('en'); _elev.setSettings({ disablePushState: true, cspInlineScriptNonce: CSP_NONCE }); }); window._elev.on('ready', function elevReady() { var wrap = document.querySelector('#_elev_io._elevio_widget').querySelector('._1mpem'); var wrapAppendChild = wrap.appendChild.bind(wrap); wrap.appendChild = function wrapAppendChildMid(div) { var divAppendChild = div.appendChild.bind(div); div.appendChild = function divAppendChildMid(article) { if (article.tagName && article.tagName.toLowerCase() === 'article') { var articleAppendChild = article.appendChild.bind(article); article.appendChild = function articleAppendChildMid(iframe) { if (iframe.tagName && iframe.tagName.toLowerCase() === 'iframe') { iframe.setAttribute('src', '/no-content.html'); } return articleAppendChild(iframe); }; } return divAppendChild(article); }; return wrapAppendChild(div); }; }); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" src="https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js" integrity="sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==" crossorigin="anonymous" referrerpolicy="no-referrer"> //<![CDATA[ //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ (function($) { $('.wp-block-cb-carousel').slick(); })(jQuery); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ function PasswordVisibilityToggle(passwordInputSelector, submitBtnSelector) { this.passwordInput = document.querySelector(passwordInputSelector); this.submitBtn = document.querySelector(submitBtnSelector); console.log( this.passwordInput + ' - ' + this.submitBtn ); if (this.passwordInput && this.submitBtn) { this.alert = this.findSiblingElement(this.passwordInput, 'show-hide-pw-alert'); this.toggleBtn = this.findSiblingElement(this.passwordInput, 'show-hide-pw-btn'); if (this.toggleBtn && this.alert) { this.init(); } else { console.error('Required elements not found.'); } } } PasswordVisibilityToggle.prototype.findSiblingElement = function(startElement, className) { var sibling = startElement.parentNode.firstChild; while (sibling) { if (sibling !== startElement && sibling.nodeType === 1 && sibling.classList.contains(className)) { return sibling; } sibling = sibling.nextSibling; } return null; }; PasswordVisibilityToggle.prototype.init = function() { var self = this; this.toggleBtn.addEventListener('click', function() { self.toggleVisibility(); }); this.submitBtn.addEventListener('click', function() { self.resetPasswordInput(); }); }; PasswordVisibilityToggle.prototype.toggleVisibility = function() { if (this.passwordInput.type === 'password') { this.passwordInput.type = 'text'; } else { this.passwordInput.type = 'password'; } var isChecked = this.toggleBtn.getAttribute('aria-checked') === 'true'; this.toggleBtn.setAttribute('aria-checked', !isChecked); if (!isChecked) { this.alert.textContent = "Your password is visible"; } else { this.alert.textContent = "Your password is hidden"; } }; PasswordVisibilityToggle.prototype.resetPasswordInput = function() { this.passwordInput.type = 'password'; }; //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ var userLocationPrefs = {"locale":"en","country":"SG"}; var cdnBaseUrl = "https://cdn.iubenda.com/"; var goProModalUrl = ""; var upToProUrl = ""; var upgradeSiteUrl = ""; var dashboardUrl = "/en/dashboard"; var accountUrl = "https://www.iubenda.com/en/account" var mtToPaygConversionFormUrl = "https://www.iubenda.com/en/billing/subscriptions/mt_to_payg_conversion_form"; var moveToPaygUrl = "https://www.iubenda.com/en/billing/subscriptions/move_to_payg"; var gopro_upgrade_to_remove = "Upgrade this privacy policy to Pro to remove the limit"; var gopro_upgrade_now = "Upgrade now"; var gopro_learn_more = "Learn more"; var gopro_free_limit_reached = "Free limit reached"; var gopro_only_four_services = "Upgrade this privacy policy to Pro to add more than 4 services."; var gopro_service_pro_only = "Upgrade this privacy policy to Pro to add this service." var gopro_switch_to_pro = "Switch to Pro to enable it"; var gopro_no_custom_text = "In order to add custom text, your privacy policy has to be upgraded to Pro."; var gopro_no_style_limit = "Only Pro privacy policies allow removal of the button style and free modification."; var gopro_no_brand_limit = "If you want to remove the iubenda logo, upgrade this privacy policy to Pro."; var gopro_direct_link_limit = "If you want to directly link the privacy policy, without using the embedding code, upgrade this privacy policy to Pro."; var gopro_direct_embed_limit = "If you want to directly embed the privacy policy text, so that it's printed right on your website's page, upgrade this privacy policy to Pro. <a href='/en/help/78' target='_blank'>Display an example</a>"; var gopro_add_language = "The license of this site is valid for a single language. If you want to add an additional language, you can purchase another license for the same price as the first :)"; var gopro_add_language_payg = "The license of this site is valid for a single language as each license is applied on a per-language or per-site basis. \u003cbr/\u003e\u003cbr/\u003e \u003cspan\u003e\u0026#128204;\u003c/span\u003e To add an additional language, you'll need to activate another license. Doing this is easy! \u003cbr/\u003e\u003cbr/\u003e Simply click the \"Add language\" button and our system will split the remaining value of your current paid license to activate the new one. \u003cbr/\u003e\u003cbr/\u003e The expiration date of both licenses will then shorten accordingly as the value of the subscription is split to accommodate your active licenses."; var mt_expired_add_language = "Your Multi-license plan expired, go to your dashboard to renew or go back to Pay-per-license."; var mt_emptied_add_language = "Your Multi-license plan has no more available slots, please upgrade to a larger plan."; var mt_add_language_upgrade_now = "Upgrade now"; var buy_second_language = "Buy additional language"; var permissions_tooltip_title = "Reserved for Pro policies"; var permissions_tooltip_paragraph = "In order to add this permission to your privacy policy, you must first upgrade it to Pro."; var pro_service_tooltip_title = "Reserved for Pro policies"; var pro_service_tooltip_paragraph = "In order to add this service to your privacy policy, you must first upgrade it to Pro."; var pro_cookiepp_tooltip_title = "Reserved for Pro policies"; var pro_cookiepp_tooltip_paragraph = "In order to add a cookie policy to your privacy policy, you must first upgrade it to Pro. <a href='/en/help/1175' target='_blank'>Display an example</a>"; var hint_tooltip_title = "Hints about this service"; var fbLoginUrl = "https://www.iubenda.com/en/facebook_login"; var facebookConnectUrl = "https://www.iubenda.com/en/facebook/connect"; var legacyUpgrade = true; var package_feature_not_enabled = "Upgrade your plan"; var package_upgrade_message = "This feature is not included in your current plan. Upgrade your plan to unlock it."; var package_upgrade_cta = "Learn more"; // alerts document.addEventListener("DOMContentLoaded", function(e) { var flashAlert = sessionStorage.getItem('flash_alert_error'); if (flashAlert) { AlertMessage.show({message: flashAlert, type: 'error', timerHide: 3000}); sessionStorage.removeItem('flash_alert_error'); } }); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/plain" class="_iub_cs_activate" data-iub-purpose="2"> //<![CDATA[ (function(d, id) { var fcJS; function initFreshChat() { window.fcWidget.init({ token: "6946a656-b4d1-4304-80ca-a527ec430aa5", host: "https://wchat.freshchat.com", locale: "en", config: { hideFAQ: true, headerProperty: { hideChatButton: true, direction: "ltr" }, } }); window.fcWidget.user.setLocale('en'); } if (d.getElementById(id)) { initFreshChat(); return; } fcJS = d.createElement('script'); fcJS.id = id; fcJS.async = true; fcJS.src = 'https://wchat.freshchat.com/js/widget.js'; fcJS.nonce = '4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99' fcJS.onload = initFreshChat; d.head.appendChild(fcJS); }(document, 'freshchat-js-sdk')); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" type="text/plain" class="_iub_cs_activate" data-iub-purposes="4,5"> //<![CDATA[ !function(){"use strict";window.RudderSnippetVersion="3.0.14";var e="rudderanalytics";window[e]||(window[e]=[]) ;var rudderanalytics=window[e];if(Array.isArray(rudderanalytics)){ if(true===rudderanalytics.snippetExecuted&&window.console&&console.error){ console.error("RudderStack JavaScript SDK snippet included more than once.")}else{rudderanalytics.snippetExecuted=true, window.rudderAnalyticsBuildType="legacy";var sdkBaseUrl="https://cdn.rudderlabs.com/v3";var sdkName="rsa.min.js" ;var scriptLoadingMode="async" ;var t=["setDefaultInstanceKey","load","ready","page","track","identify","alias","group","reset","setAnonymousId","startSession","endSession","consent"] ;for(var r=0;r<t.length;r++){var n=t[r];rudderanalytics[n]=function(t){return function(){var r ;Array.isArray(window[e])?rudderanalytics.push([t].concat(Array.prototype.slice.call(arguments))):null===(r=window[e][t])||void 0===r||r.apply(window[e],arguments) }}(n)}try{new Function('return import("")'),window.rudderAnalyticsBuildType="modern"}catch(a){} var i=document.head||document.getElementsByTagName("head")[0] ;var d=document.body||document.getElementsByTagName("body")[0];window.rudderAnalyticsAddScript=function(e,t,r){ var n=document.createElement("script");n.src=e,n.setAttribute("data-loader","RS_JS_SDK"),t&&r&&n.setAttribute(t,r), "async"===scriptLoadingMode?n.async=true:"defer"===scriptLoadingMode&&(n.defer=true), i?i.insertBefore(n,i.firstChild):d.insertBefore(n,d.firstChild)},window.rudderAnalyticsMount=function(){ "undefined"==typeof globalThis&&(Object.defineProperty(Object.prototype,"__globalThis_magic__",{get:function get(){ return this},configurable:true}),__globalThis_magic__.globalThis=__globalThis_magic__, delete Object.prototype.__globalThis_magic__), window.rudderAnalyticsAddScript("".concat(sdkBaseUrl,"/").concat(window.rudderAnalyticsBuildType,"/").concat(sdkName),"data-rsa-write-key","2MV0qrGjHKJbkC2kOh1rSBRyD9k") }, "undefined"==typeof Promise||"undefined"==typeof globalThis?window.rudderAnalyticsAddScript("https://polyfill-fastly.io/v3/polyfill.min.js?version=3.111.0&features=Symbol%2CPromise&callback=rudderAnalyticsMount"):window.rudderAnalyticsMount() ;var loadOptions={ onLoaded: function(rudderanalytics) { rudderanalytics.setAnonymousId("b6abfe74-b288-4ced-b5d7-cf2721dcdc9f"); window._radderAnalyticsQueue = window._radderAnalyticsQueue || []; window._radderAnalyticsQueue.forEach(func => { if (typeof func === 'function') { func("eyJncm93dGhib29rIjp7ImF0dHJpYnV0ZXMiOnsiY291bnRyeSI6IlNHIiwi\naWQiOiIiLCJ0cmFja2luZ19pZCI6IiIsImFub255bW91c19pZCI6ImI2YWJm\nZTc0LWIyODgtNGNlZC1iNWQ3LWNmMjcyMWRjZGM5ZiIsInNlc3Npb25faWQi\nOiIyMTc3ZmEzYThhNWM5Y2I0MTY4ZjEwODQyNWM5NWExMyIsImlwIjoiOC4y\nMjIuMjA4LjE0NiJ9LCJmb3JjZWRGZWF0dXJlcyI6eyJwcmljaW5nXzIwMjMi\nOnRydWV9fX0=\n"); } }); }, storage: { entries: { userTraits: { type: "localStorage" } } }, setCookieDomain: "www.iubenda.com" } ;rudderanalytics.load("2MV0qrGjHKJbkC2kOh1rSBRyD9k","https://rudder.iubenda.com", loadOptions)}} }(); rudderanalytics.page('', '', {}); rudderanalytics.load("2MV0qrGjHKJbkC2kOh1rSBRyD9k","https://rudder.iubenda.com", { onLoaded: function(rudderanalytics) { console.log('launchpad'); Appcues.loadLaunchpad("#appcues-launchpad", { position: "left", header: "Hey there! 👋 Check out what's new!", }); } }); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" id="profitwell-js" data-pw-auth="e2b7961d01fb6d8f17a24d0b5f505c3d" type="text/plain" class="_iub_cs_activate" data-iub-purposes="2"> //<![CDATA[ (function(i,s,o,g,r,a,m){i[o]=i[o]||function(){(i[o].q=i[o].q||[]).push(arguments)}; a=s.createElement(g);m=s.getElementsByTagName(g)[0];a.async=1;a.src=r+'?auth='+ s.getElementById(o+'-js').getAttribute('data-pw-auth');m.parentNode.insertBefore(a,m); })(window,document,'profitwell','script','https://public.profitwell.com/js/profitwell.js'); profitwell('start', {}); //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99"> //<![CDATA[ window.GROWTHBOOK_API_HOST="https://cdn.growthbook.io"; window.GROWTHBOOK_CLIENT_KEY="sdk-nX2zVV0ub3f5ljqf"; //]]> </script> <script nonce="4fd8fe3bb9626881ec511efcf2724028e1d4b79b2c81ab03522fb277ef170f99" src="/assets/builds/growthbook-3b9344c70ddc480132f6.js" type="text/plain" class="_iub_cs_activate" data-iub-purposes="4"> //<![CDATA[ //]]> </script> </body> </html>