The easiest way to get Google Consent Mode. Start measuring Google Analytics traffic and Google Ads conversions even when the consent banner is rejected.
GDPR compliance for your site, app and organization
GDPR compliance can be a technical and logistical challenge for individuals and organizations alike. Our solutions take the guesswork out of compliance and make it easy for you to meet GDPR requirements. Create a privacy & cookie policy in minutes, set-up your cookie banner with prior blocking, easily manage consent, maintain compliant processing records and more.
The GDPR applies to organizations, companies, individuals, corporations, public authorities and other entities - including small businesses, charities and nonprofit organizations - that are either based in the EU, offer goods or services (even for free) to people in the EU, or that monitor the behaviour of people in the EU, either directly or as a third party.
What's required for GDPR compliance
Provide a privacy and cookie policy
Requirement
Websites are required to provide a privacy policy and cookie policy. Apps don't generally make use of cookies, but they require a privacy policy anyway.
In order to meet GDPR disclosure and transparency requirements, this privacy information must be up-to-date, understandable, unambiguous, and easily accessible throughout the website or app.
Policies are invalid if they're missing the right information
In order to be compliant, your policy must at the very least:
describe the personal data collected and the purposes of their collection;
accurately list all the third parties the data is shared with; and
inform users of their rights in relation to their data.
Customizable from 2000+ clauses, available in 14 languages and automatically updated if the law changes, our generator allows you to create a legal document in minutes and seamlessly integrate it with your website or app.
Display a cookie banner and block cookies before consent
Requirement
If you operate in the EU or have EU users, and your website installs non-technical cookies, you need to comply with the ePrivacy Directive (Cookie Law), still valid under the GDPR.
In particular, you must:
Provide a compliant cookie policy
Display a cookie banner at the user's first visit
Block non-exempt cookies (e.g., Google Analytics, YouTube video widget, etc.) before obtaining user consent. You can easily implement this with our integrated auto-blocking feature.
Release cookies only after informed consent has been provided (prior consent)
To ensure that their ad revenue is not negatively affected, Publishers should also consider meeting industry standards by
utilizing IAB's Transparency and Consent Framework to allow users to set their advertising preferences
collecting explicit consent to Google personalized ads
Manage consent preferences for the ePrivacy, GDPR, CPRA (CCPA amendment) and LGPD. Integrated with the IAB TCF and CCPA Compliance Framework.
Our solution allows you to display a fully customizable cookie banner/consent banner, collect cookie consent, implement prior blocking (including auto-blocking), set advertising preferences, and more.
iubenda is a Google certified CMP with TCF and Google Consent Mode support
In order to make your forms GDPR compliant - regardless of how many users you have - consent must be freely given, informed, specific, and unambiguous.
Which means that your contact, newsletter and registration forms must clearly state your intentions, link to your privacy policy, and collect opt-in consent for different activities (pre-ticked checkboxes are forbidden).
You must also be able to demonstrate that consent was collected, retrieving:
When consent was provided
By whom
Which preferences were expressed
Which legal or privacy notice they were presented with at the time
Our solution smoothly integrates with your consent collection forms, syncs with your legal documents and includes a user-friendly dashboard for reviewing consent records of your activities.
Document all the data processing activity within your organization.
To comply with privacy laws, and particularly the GDPR, companies need to record how they store and use the data they collect from their users. Our solution allows you to easily document all the data processing activities within your organization.
The legal consequences for non-compliance can include fines up to €20 million or 4% of the annual worldwide turnover (whichever is greater). Not all GDPR infringements lead to fines: sanctions may include official reprimands, periodic data protection audits (which can result in being barred from using data associated with the violation — including entire email lists) and liability damages.
“If you, like me, are part of a smart team and hate updating your privacy policy every time you add some code to your site, then iubenda is for you. It's ridiculously affordable, and super easy to use.”
Personal data is information that relates to an identified or identifiable living person. This includes details that, when collected together, can lead to the identification of a person, like (but not limited to) name, IP address or personal email address.
A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
If an individual's data is breached, the individual must be notified as soon as possible and the supervisory authority notified within 72 hours of the breach's discovery.
Or join us at our next webinar to get an overview of the legal requirements and ask live questions
All our products are WCAG Level AAA Compliant
A 360° solution to make your sites and apps compliant with the law
Compliance for websites and apps
Privacy and Cookie Policy Generator
Create your privacy and cookie policy in minutes.
Customizable from 2000+ clauses, available in 14 languages and automatically updated if the law changes, our generator allows you to create a legal document in minutes and seamlessly integrate it with your website or app.
Manage consent preferences for the ePrivacy, GDPR, CPRA (CCPA amendment) and LGPD. Integrated with the IAB TCF and CCPA Compliance Framework.
Our solution allows you to display a fully customizable cookie banner/consent banner, collect cookie consent, implement prior blocking (including auto-blocking), set advertising preferences, and more.
Our solution smoothly integrates with your consent collection forms, syncs with your legal documents and includes a user-friendly dashboard for reviewing consent records of your activities.
Document all the data processing activity within your organization.
To comply with privacy laws, and particularly the GDPR, companies need to record how they store and use the data they collect from their users. Our solution allows you to easily document all the data processing activities within your organization.
