Proud to be an iubenda Silver Partner.

We've partnered with iubenda to be able to provide your small business with attorney-level GDPR solutions to help make your website compliant with the law across multiple countries and legislations.

Contact us to see how we can help
iubenda Certified Silver Partner

Find out how we can help you adapt your site to the regulations.

Websites must always comply with certain requirements imposed by law. Failure to comply with the legal requirements, can result in serious penalties including substantial fines, audits and potential litigation.

For this reason we have chosen to rely on iubenda, a company built on both legal and technical expertise, that specializes in this sector. Together with iubenda, of which we are Certified Partners, we have developed a proposal to offer all our customers a simple and safe solution to their compliance needs.

Find out how we can help you adapt your site to the regulations.

Privacy policies must contain certain fundamental elements specific to your particular processing activities, including:

  • the contact and identifying details of the data controller;
  • which personal data is being processed;
  • the purposes and methods of processing;
  • the legal bases of processing (e.g. consent);
  • the third-parties that may also access the data — this includes any third party tools (e.g. Google Analytics);
  • details relating to the transfer of data outside the European Union (where it applies);
  • the rights of the user;
  • description of notification process for changes or updates to the privacy policy;
  • the effective date of the privacy policy.

The cookie policy specifically describes the different types of cookies installed through the site, any third parties to which these cookies refer – including a link to the respective documents and opt-out forms – and the purposes of the processing.

Can I use a generic Privacy and Cookie Policy document?

It's not possible to use generic documents as your policy must describe in detail the specific data processing carried out by your site, and must also include the particular details of any third party technologies (e.g. Facebook Like buttons or Google Maps) specifically used by you.

Do I need a Privacy or Cookie policy even if my site does not process any data?

It's very difficult for your site not to process any data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to prepare and display a privacy and cookie policy.

Where your user may need to directly enter personal data on the site, for example by filling in a contact form, service registration or newsletter subscription, it is necessary to collect consent that is freely given, specific and informed. It's also necessary to keep unambiguous records that allow you to demonstrate that valid consent was collected.

What is free, specific and informed consent?

You must obtain consent for each specific processing purpose – for example, a consent to send newsletters and another consent to send promotional material on behalf of third parties. Consent may be requested by setting up one or more checkboxes that are not pre-selected, not mandatory or coerced (freely given) and accompanied by relevant disclosures that make it clear to the user how his or her data will be used.

How can proof of valid consent be demonstrated unambiguously?

A range of information must be collected each time a user fills in a form on your site. This information includes a unique user identification code, the content of the privacy policy accepted, a copy of the form submitted by the user as well as a record of the opt-in mechanism used.

Is the email I receive from the user as a result of filling out a form not sufficient as proof of consent?

Unfortunately, it is not sufficient, as some information necessary to reconstruct the suitability of the procedure for collecting consent is missing, such as a copy of the form actually completed by the user and the version of the privacy documents available to the user at the time the consent was collected.

Privacy policies must contain certain fundamental elements specific to your particular processing activities, including:

  • the contact and identifying details of the data controller;
  • which personal data is being processed;
  • the purposes and methods of processing;
  • the legal bases of processing (e.g. consent);
  • the third-parties that may also access the data — this includes any third party tools (e.g. Google Analytics);
  • details relating to the transfer of data outside the European Union (where it applies);
  • the rights of the user;
  • description of notification process for changes or updates to the privacy policy;
  • the effective date of the privacy policy.

The cookie policy specifically describes the different types of cookies installed through the site, any third parties to which these cookies refer – including a link to the respective documents and opt-out forms – and the purposes of the processing.

Can I use a generic Privacy and Cookie Policy document?

It's not possible to use generic documents as your policy must describe in detail the specific data processing carried out by your site, and must also include the particular details of any third party technologies (e.g. Facebook Like buttons or Google Maps) specifically used by you.

Do I need a Privacy or Cookie policy even if my site does not process any data?

It's very difficult for your site not to process any data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to prepare and display a privacy and cookie policy.

How we can help you using iubenda’s solutions.

Thanks to our partnership with iubenda, we can help you configure everything you need to make your site compliant. iubenda is in fact the simplest, most complete and professional solution to comply with regulations.

Privacy and Cookie Policy Generator

With iubenda’s Privacy and Cookie Policy Generator we can prepare a fully customized, self-updating policy for your site. iubenda’s policies are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers.

Cookie Solution

The iubenda Cookie Solution is a comprehensive solution to meet Cookie Law and third-party requirements by facilitating the display of a cookie banner at each user’s first visit, the preventive blocking of the profiling cookies and the collection of users’ consent to the installation of cookies.

Consent Solution

iubenda's Consent Solution allows the collection and storage of an unambiguous proof of consent whenever a user fills out a form - such as a contact form or newsletter subscription – on your website.

Contact us to see how we can help