Resources for iubenda Certified Partners – Landing Page

To inform your customers about the main legal requirements that apply to their websites/apps, you can set up a dedicated landing page on your website.

To create a /iubenda-partner page on your website, simply copy the content available below onto your website. The page will be automatically reachable with a click on the iubenda Partner Badge.

Below is a template we have created for you. Click on copy at the bottom of the text and add it to your site! 👇

Find out how we can help your site or app meet legal requirements

Websites and apps must comply with certain requirements imposed by law. Failure to comply with legal requirements can result in serious consequences, including significant fines, audits, and potential lawsuits.

For this reason, we have chosen to rely on iubenda, a leading company in the sector that relies on the work of international lawyers and a specialized team of devs. As Certified Partners, we have developed with iubenda a proposal to offer all our customers a simple and safe solution to help meet their compliance needs.

Overview of main legal requirements for website and app owners

Privacy and Cookie Policy

Applicable laws require each website/app that collects personal data to disclose relevant details to users via dedicated privacy and cookie notices.

Privacy policies must contain certain fundamental elements specific to your particular processing activities, including:

  • the contact and identifying details of the data controller;
  • which personal data is being processed;
  • the purposes and methods of processing;
  • the categories of sources from which consumers’ data is being collected;
  • the legal bases of processing (e.g., consent);
  • the third parties that may also access such data — this includes any third-party tools (e.g., Google Analytics);
  • details relating to the transfer of data outside the European Union (where applicable);
  • users’ rights;
  • description of the notification process for changes or updates to the privacy policy;
  • the effective date of the privacy policy.

The cookie policy specifically describes the different types of cookies installed through the site, any third parties to which these cookies refer — including a link to the respective documents and opt-out forms — and the purposes of the processing.

Can’t we use a generic document?

It is not possible to rely on generic documents as your policy must describe in detail the specific data processing activities carried out by your website/app, and must also include specific details on any third-party technologies (e.g., Facebook Like buttons or Google Maps) operating on your website/app.

What if my website does not process any personal data?

It’s very unlikely that your website does not process any personal data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to draft and display a privacy and cookie policy.

EU Cookie Law

In addition to providing an easily available and accurate cookie policy, in order to adapt a website to the cookie law, it is also necessary to display, on each user’s first visit, an informative cookie banner that links to a detailed cookie policy and gives users the opportunity to either reject or grant consent to the installation of cookies. Most types of cookies, including those issued by tools, such as social sharing buttons, should only be released after the user has provided valid consent.

Furthermore, many third-party vendor networks may limit ad reach if you do not have a cookie management system that meets industry standards in place — potentially reducing your ability to generate ad revenue.

What is a cookie?

Cookies are small files used to store or track certain information while a user browses a website. Cookies are now essential to the proper functioning of websites. In addition, many third-party technologies that we integrate into our websites, such as simple video widgets or analytics programs, also use cookies.

US state privacy

US state privacy laws such as California’s CCPA (as amended by the CPRA), Virginia’s VCDPA, and Colorado’s CPA, among others, require businesses to inform US consumers about how and why their personal data is being used, their rights in regard to the processing of their personal information, and how they can exercise them. In order to comply with these requirements, you need, among other things, to include relevant disclosures within your privacy policy and, under California law, display a notice at collection.

My business is not based in the US, do I need to comply with US state privacy laws?

US state privacy laws apply to certain businesses that collect personal information of consumers residing in the specific state where the law applies, regardless of where the business itself is geographically located.

Consent according to GDPR and LGPD

When a user directly enters personal data on a website/app, for example by filling in a contact form, service registration, or newsletter subscription, it is necessary to collect freely given, specific, and informed consent. Under the GDPR, it’s also necessary to keep unambiguous records that allow you to demonstrate that valid consent was collected.

Similar to the GDPR, the Brazilian LGPD also requires the data controller to provide unambiguous proof of consent, giving evidence that the user’s consent was validly collected.

What is free, specific, and informed consent?

You must obtain consent for each specific processing purpose — for example, consent given to newsletters does not apply to the sending of promotional material on behalf of third parties. Consent may be requested by setting up one or more checkboxes that are not pre-selected, mandatory, or coerced, and that are accompanied by relevant disclosures that make it clear to the user how his or her data will be used.

How can proof of valid consent be demonstrated unambiguously?

A range of information must be collected each time a user fills in a form on your website/app. This information includes a unique user identification code, the privacy policy’s accepted version, a copy of the form submitted by the user as well as a record of the opt-in mechanism used.

Is the email I receive from the user as a result of filling out a form not sufficient as proof of consent?

Unfortunately not. Some information necessary to demonstrate that consent was validly collected would be missing, such as a copy of the form actually filled by the user and the version of the privacy documents available to the user at the time that consent was collected.

Do I have to comply with the LGPD even if my organization is not based in Brazil?

The LGPD has a territorial scope that expands outside of Brazil. This means that you may be required to comply even if you, or your business, are not based in Brazil. In fact, the LGPD applies if you process data from individuals located in Brazil, regardless of their nationality (even if they were in Brazil only at the time of data collection, and have since moved).

Terms and Conditions

At times, it can be necessary to protect your online business from potential liabilities with a Terms and Conditions document. Though not always legally required, Terms and Conditions set the way in which your product, service, or content may be used, in a legally binding way.

The Terms and Conditions typically include copyright clauses, disclaimers, and terms of sale, allow you to state the governing law and list mandatory consumer protection clauses, and more.

The Terms and Conditions should at least include:

  • the identification of the business;
  • a description of the service that your website/app provides;
  • information on risk allocation, liability, and disclaimers;
  • warranty/guarantee information;
  • the existence of a withdrawal right;
  • safety information, including instructions for proper use (e.g., terms of delivery of product/service);
  • rights of use;
  • conditions of use/purchase (e.g., age requirements or location-based restrictions);
  • refund policy/exchange/termination of service and related information;
  • information related to methods of payment.

When is it mandatory to have Terms and Conditions?

Everyone from bloggers to e-commerce, SaaS, and enterprise businesses can benefit from setting Terms of Use. However, in some cases, they can be mandatory, such as in the case of e-commerce, where payment data is processed.

Can I copy and use a Terms and Conditions document from another website?

As it represents a legally binding agreement, it is not only important to have one in place, but also necessary to ensure that it meets legal requirements and matches your specific business processes and model, and remains up-to-date with the different applicable laws. Copy-pasting Terms and Conditions from other websites is very risky and could result in the document being void or unenforceable.

How we can help you with iubenda’s solutions

Thanks to our partnership with iubenda, the simplest and most complete professional solution, we can help your website/app comply with the main legal requirements.

Privacy and Cookie Policy Generator 

With iubenda’s Privacy and Cookie Policy Generator, you can draft a fully customized policy for your website/app. iubenda’s policies are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers. When the applicable law changes, the clauses are updated to keep up with the latest legal requirements.

Privacy Controls and Cookie Solution 

The iubenda Privacy Controls and Cookie Solution is a comprehensive tool to help you meet the requirements of EU Cookie Law, US state privacy laws, and any other third-party requirements by, among others, facilitating the display of a GDPR-compliant cookie banner or CPRA notice at collection, enabling the preventive blocking of profiling cookies and allowing the collection of users’ consent for the installation of cookies. It also supports opt-out requests from US consumers to prevent the sale of their personal data.

Consent Database 

iubenda’s Consent Database allows the collection and storage of unambiguous proof of consent whenever a user fills out a form — such as a contact form or newsletter subscription — on your website or app, as required by the GDPR and the Brazilian LGPD. The solution can also be used to document opt-out requests from US consumers, as required by the applicable US state privacy laws. 

Terms and Conditions Generator

With iubenda’s Terms and Conditions Generator, you can draft a fully customized T&C document for your website/app. iubenda’s Terms and Conditions are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers. When the applicable law changes, the clauses are updated to keep up with the latest legal requirements.

Contact us to receive a personalized proposal →