Iubenda logo
Start generating

Documentation

Table of Contents

Getting Started Guide

Take your first steps toward compliance with our guide

If you are on this page, then you are most likely asking yourself: “What do I need to do to comply with privacy laws like the GDPR and CPRA / CCPA?”. In any case, you’re probably aware that you need to meet legal requirements for your app/site.

Based on nearly 10 years of experience, we know that meeting these legal requirements (i.e., compliance) is a considerable challenge.

Taking time to understand complex laws and regulations and implement them does require time and money that you could otherwise use towards your business.

We can help you solve this challenge. With iubenda, you can easily check off all the right legal requirements – without sacrificing important business processes like speed and user experience.

Our software tools are currently trusted by more than 90,000 clients worldwide and are designed to help you achieve full compliance and keep focusing on what matters most: your business.

Start generating now

Or take this 1-minute quiz to get an immediate personalized answer on how iubenda can apply its instant magic for your legal requirements.

Find out what you need to get compliant

In general terms, compliance with data privacy laws means taking precise actions to responsibly handle the personal data processed during your business activities and to make the related mandatory disclosures. These actions may often seem challenging to implement and restrictive towards your business activities.

However, meeting online privacy law requirements is a valuable opportunity for growth for your site/app: you can protect and further enhance your reputation as a reliable/legitimate business, expand your user base and boost your revenue.

What do I need to meet my online legal requirements?

As each situation is unique, we invite you to complete the 1-minute quiz below to immediately identify which legal requirements most likely apply to you, what you need to do, and how iubenda can help.

Otherwise, please read on for an overview of the laws that might apply to you and how iubenda can help.

You need to enable cookies to see the quiz

Meet the protagonists – Laws from every part of the world

Even though the internet is global, there is no online privacy law that is applicable globally. Instead, you will encounter different laws in various parts of the world. And, each law has its own specific characteristics and requirements.

We have prepared for you a quick overview of several online privacy laws grouped by geographical region, so you can easily choose the laws that you’d like to learn more about.

💡 Take this 1-min quiz to find out which laws are actually relevant for you

US laws like the CPRA, and VCDPA are the laws most likely to be relevant to you, if you’re based in the US or have US-based users – regardless of where you’re based.

💡 Meeting US privacy requirements is easy with our US toolbox.

Main laws currently in force:
  • California’s CPRA (CCPA amendment)
  • California’s CalOPPA
  • Virginia’s VCDPA

What do you need to do to get compliant?
Because US privacy laws are typically implemented on the State level, US compliance often means that you need to comply with more than one law simultaneously. This usually means having privacy documents and opt-out mechanisms that meet each State’s requirements.

More about US compliance here.

The GDPR and ePrivacy (Cookie Law) are likely relevant to you if you are based in Europe or if you have/are likely to have in the future Europe-based users, regardless of where you’re based.

These laws also apply to you even if you are not based in Europe but you monitor (e.g., using analytics) the behaviour of Europe-based persons.

💡 Meeting the requirements of the GDPR and ePrivacy is easy with our EU/UK/CH toolbox.

GDPR (General Data Protection Regulation)

Specifies how and when personal data should be lawfully processed (including how it’s collected, used, protected or interacted with in general). An EU regulation in force since May 2018, it is arguably the most well-known privacy law globally.

What do you need to do to get compliant?
You should meet disclosure and transparency requirements by making sure you inform your users in detail about how you process their personal data. You should also ensure that you collect your users’ consent (for cookies and other purposes) in the correct manner: consent should be freely given, informed, specific and unambiguous.

More on the GDPR ›


ePrivacy Directive (“Cookie law”)

It complements the GDPR regarding the protection of personal data of individuals within Europe. It addresses crucial aspects about the confidentiality of electronic communications and the tracking of Internet users more broadly. In force since 2002.

What do you need to do to get compliant?
You must display a cookie banner on your website that is designed to obtain users’ informed consent before storing non-technical cookies on their device and/or tracking them. The cookie banner should allow for explicit and unambiguous consent from your users and should include a link to a comprehensive cookie policy. You should also implement a technical cookie management solution blocking codes that may install non-technical cookies, unless consent is provided by the user.

More on the ePrivacy/Cookie Law ›

💡 Meeting the requirements of the GDPR and ePrivacy is easy with our EU/UK/CH toolbox.

The LGPD is likely relevant to you if your data processing activities are carried out in Brazil (e.g. your servers are located in Brazil) or if you offer or supply goods or services to persons located in Brazil, regardless of their nationality. The LGPD also applies to you if you process data which refer to individuals located in Brazil.

LGPD (Brazilian General Data Protection Law)

It grants enhanced rights to users and protects both data processed in Brazil and the personal data of Brazil-based users. It can be considered as the Brazilian counterpart of the GDPR, although it differs from the GDPR in several ways. It is one of the newest addition to the online privacy laws family, in force from September 2020 onwards.

What do you need to do to get compliant?
You should meet disclosure and transparency requirements by making sure you inform your users in detail about how you process their personal data. You should also ensure that you collect your users’ consent for different purposes (e.g., a newsletter) in the correct manner: consent should be freely given, informed, specific and unambiguous.

More on the LGPD ›

💡 Meeting the requirements of the LGPD is easy with our Brazil toolbox.

OTHER COUNTRIES Where countries that are neither in the US, EU or Brazil, you must always be mindful of the legally and technically specific requirements of any other laws that might apply. In some cases, other countries’ privacy legislations align with certain standards of the GDPR.
 
MULTIPLE REGIONS Where multiple countries apply, you should refer to the requirements of the legislations mentioned above (US, EU, Brazil) that is applicable to you. In addition, you must always be mindful of the legally and technically specific requirements of any other laws that might apply. In some cases, other countries’ privacy legislations align with certain standards of the GDPR.

💡 Easily meet global privacy requirements and GDPR requirements (the most robust regulatory standards by default) with our Basic toolbox.

Your legal documents (e.g. privacy policy, cookie policy, terms and conditions) must be written in the same language(s) as your site so that your users are able to understand them. If your site is available in multiple languages, your documents and notices should also be available in these languages.

Our tools support 12 different languages (US English, UK English, German, Italian, French, Brazilian Portuguese, Portuguese, Dutch, Spanish, Danish, Swedish and Russian) meaning that you can easily generate legal documents in different languages.

How can iubenda help you?

We believe in the importance of a comprehensive approach to online legal compliance. Our complete set of solutions makes it super simple to check off all the right legal requirements.

And while we take care of all the complex legal details for you, you can decide, based on your compliance needs, business aims and design preferences, the language, content and specific appearance of your legal documents.

Our clients have rated us with 5 stars on Capterra, praising our easy-to-use, customizable, comprehensive and continuously updating solutions that ensure constant compliance with online privacy laws.

Our solutions

Privacy and Cookie Policy icon
GDPR
CalOPPA
CPRA / CCPA
General Global Privacy laws

Privacy and Cookie Policy Generator

Generate a beautiful, precise Privacy and Cookie Policy in minutes that describes in detail all the private data processing activities carried out by your website/app.

Cookie Solution icon
GDPR
ePrivacy/Cookie Law
CPRA / CCPA
LGDP

Privacy Controls and Cookie Solution

Create, in just a few clicks, a beautiful, fully customizable cookie banner, seamlessly collect users’ consent for non-technical cookies installation and implement prior blocking of non-technical cookies prior to consent.

Terms and conditions icon
For websites/apps

Terms and Conditions Generator

Terms & Conditions are essential for protecting you from potential liabilities. Our powerful Terms and Conditions Generator lets you create professional, lawyer-drafted Terms documents in minutes. The Generator is fully optimized for e-commerce, blogs, apps, marketplace, SaaS and more.


Consent Solution icon
GDPR
LGPD
General Global Privacy Laws

Consent Database

Easily store proof of consent and manage consent and privacy preferences for each of your users. Build detailed consent records, including the exact time when consent was provided, and the identity of the user that provided the consent.

Internal Privacy Management icon
GDPR
LGPD

Register of Data Processing Activities

Overcome, in just a few clicks, the technical challenge of recording and managing all the data processing activity within your organization.

Choose a tool from our toolbox

💡 Still not sure what tools you need? Take this 1-minute quiz to find out now which laws actually apply to you.

Based on your choices in the quiz, you can meet basic legal requirements with the solution selected below. If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Optional/strongly recommended (GDPR-related tools and Terms and Conditions):

Get it

This toolbox will help you meet the requirements of US online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle. If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

This toolbox will help you meet the requirements of European (including UK and Switzerland) online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

This toolbox will help you meet the requirements of the Brazilian online privacy law. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

This toolbox will help you meet the requirements of European and US online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

This toolbox will help you meet the requirements of European and Brazilian online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

This toolbox will help you meet the requirements of US and Brazilian online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

This toolbox will help you meet the requirements of European, US and Brazilian online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below. Once you’ve selected all necessary tools, proceed to check-out.

Get it

See also