How we can help

In response to the 2018 reform of EU Data Protection regulations, we assembled the GDPR Compliance Kit to help you and your organization become compliant with the strict regulations.

Privacy Preferences

Privacy preferences and consent management can be handled directly from the front end of your site, thanks to banner notifications.

Native Fallbacks

There are convenient fallbacks for all native modules of Uncode connected to external services that send and receive personal data.

Consent Logic

You can include and exclude content based on the user's consent. This is convenient if you use extra modules or plugins that send data.

Get the Facts

The General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) is a measure that specifies how data should be used, collected, protected and interacted with. It governs how personal data is lawfully processed, and protects personal information by placing control over its use in the hands of the individual.

“ ‘Personal data’ means any information relating to an identifiable person; one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person ”.

The GDPR makes clear that IP addresses should be considered personal data, as they fall within the scope of ‘online identifiers’. To be compliant with the new regulations, your policy must describe what personal data your organization collects and the purpose of the collection. You must also inform users of their data rights and list all third parties that the data is shared with.

What do users need to be informed of?

  • Owner details of website/app
  • Privacy Policy effective date
  • Policy changes notification process
  • Type of data being collected
  • Which third parties have access to their data & what data they’re collecting
  • Information on their individual rights to their data

The GDPR applies to government agencies, private and public companies, individuals, and non-profits where:

  • The base of operations for the entity is in the EU, regardless of whether the data processing takes place in the EU.
  • An entity not in the EU offers goods or services (free offers included) to people in the EU.
  • An entity not established in the EU monitors the behavior of people who are in the EU.

This regulation effectively covers the majority of companies and can apply to you regardless of whether your organization is based in the EU.

The world’s dependence on digital services and products has increased the need for data privacy, and many regions now enforce strict data regulations that businesses are expected to comply with. Failure to comply with these regulations can lead to financial consequences and can also damage your organization’s reputation and public trust. It is essential to ensure that your business is in compliance with its legal obligations.

Depending on your law of reference, you may also be required to make additional disclosures to users, third parties and the supervisory authority.

Failure to comply can result in legal consequences, with fines up to 23 million (€20m) or 4% of the annual worldwide turnover. Sanctions such as official reprimands, periodic data protection audits, and liability damages can be imposed on organizations in violation of the regulations.

If a complaint is made, authorities have the right to audit an organization’s data processing operations. If there is an unlawful action, organizations are subject not only to a fine, but could also be forbidden from collecting data and from making further use of previously collected data. Users also have the right to seek compensation for damages resulting from an organization’s non-compliance with the regulations.

Let's Try to Understand

When you use a service like Google Fonts, Google Analytics, YouTube, Facebook, or Twitter on your website, some personal data (usually your IP address) is sent to the provider in exchange for the free service offered. This data is then used to create targeted advertisements.

Suppose that on your website’s homepage, you use a YouTube video as the background for your main header. When this video is watched, some personal data about the viewer is sent to the service provider (YouTube). It’s not compliant with the GDPR to simply include the video and tell the user that it’s possible to disable it. After all, by the time the page loads, YouTube (in this example) has already collected some personal data. The GDPR stipulates that users must first give their consent before any data is processed. Obtaining this consent needs to be of the utmost importance.

Video Background & Lightbox Example

When your visitors watch a video from YouTube, some personal data (such as their IP address) is sent in exchange for the free service offered. If YouTube consent is denied, however, Uncode will use a fallback image. No personal data will be sent until YouTube consent is given by the user.

Fully-Hosted and Managed Privacy & Cookie Policy Kit

GDPR Compliance Kit

$350.00
  • One Year Coverage

Privacy policies are legally required worldwide and cookie policies are a direct requirement under the existing ePrivacy Directive (Cookie Law). The policy we provide to your organization allows you to seamlessly integrate these new requirements into your existing website platform. Our fully compliant cookie banner complies with the current provisions of the Cookie Law and allows an opportunity to easily inform users, collect their consent and provide an option to block any actions that could install cookies without their consent.

Integration: We’ll integrate your new policy with your site by using one of our widgets or integrating the data processing requirements directly into the body of JavaScript. The policy is hosted on an international server so that it can be stored and updated as needed.

Legal Quality: Our policy was drafted by a team of expert international lawyers with 600+ clauses to keep your organization compliant.

Up-to-date policies: We track hundreds of third-party services to ensure that the details of your policy are current and comply with their requirements, policies and opt-out links.

Updated documents: Legal regulations have the potential to change periodically. We monitor major regulatory revisions and update our policies to meet changing requirements.

Maximize Collection: We offer several options for gaining consent from your users so that you can optimize your data collection by choosing the solution that works best for your demographic.

Consent via Scrolling: Make the consent process more convenient for users by utilizing consent via scrolling.

Integrated with the Privacy and Cookie Policy Generator: Our Cookie Solution integrates with your existing cookie and privacy policies automatically so there is no need to manually enter details.

Consent Save: Be in compliance with legal obligations without annoying or overwhelming your users. Our solution can track and save users’ consent settings for 12 months from their last visit. This allows your users to navigate your site without interruption during subsequent visits after giving initial consent.

JUST USING OUR GDPR PACKAGE DOES NOT GUARANTEE THAT AN ORGANIZATION IS SUCCESSFULLY MEETING ITS RESPONSIBILITIES AND OBLIGATIONS TO THE GDPR. THIS PAGE IS A BRIEF INTRODUCTION OF THE GDPR, AND PRESENTS SOME OF THE SPECIFIC FEATURES THAT CAN HELP YOU COMPLY WITH THE REGULATION. ORGANIZATIONS SHOULD ASSESS THEIR UNIQUE RESPONSIBILITIES, AND ENSURE THAT ANY ADDITIONAL MEASURES ARE TAKEN THAT ARE NECESSARY TO MEET ANY OBLIGATIONS REQUIRED BY LAW, AS BASED ON A DATA PROTECTION IMPACT ASSESSMENT.