The main legal requirements for website and app owners


If the user has the possibility to directly enter personal data on the site or application, for example by filling out a contact form, registration for the service or subscription to the newsletter, it is necessary to obtain a free, specific and informed consent, as well as register a test unambiguous consent.
It is necessary to collect a consent for each specific processing purpose – for example, a consent to send newsletters and another consent to send promotional material on behalf of third parties. Consents can be requested by preparing one or more non-pre-selected, non-mandatory checkboxes accompanied by information texts that make it clear to the user how his data will be used.
It is necessary to collect a series of information each time a user completes a form on their site or application. This information includes a unique user identification code, the content of the accepted privacy policy and a copy of the form presented to the user.


Privacy and Cookie Policy

Each site and application that collects data is obliged to inform users through a privacy and cookie policy.

Here are some fundamental points that a privacy policy must have:

– the types of personal data processed;
– the legal bases of the processing;
– the purposes and methods of processing;
– the subjects to whom the personal data may be communicated;
– any transfer of data outside the European Union;
– the rights of the interested party;
– the identification details of the owner.


The cookie policy describes in particular the different types of cookies installed through the site, any third parties to which these cookies refer and the purposes of the processing.

Can’t we use a generic document?
It is not possible to use generic documents as the information must describe in detail the data processing carried out by your site or application, also listing all third-party technologies used (such as Facebook Like buttons or Google Maps maps).

What if my site does not process any data?
It is very difficult for your site not to process any data. In fact, a simple contact form or a traffic analysis system such as Facebook Pixel or Google Analytics is enough to trigger the obligation to prepare and show the information.


Cookie Law

Cookies are used to store some information on the user’s browser while browsing the site. Cookies are now essential to allow the proper functioning of a site. Many third-party technologies that we usually have on our sites, as well as a simple Facebook widget, in turn use cookies.

In addition to setting up a cookie policy, to adapt a website to cookie law it is also necessary to show a cookie banner at the first visit of each user and to obtain consent to the installation of cookies. Some types of cookies, such as those issued by tools such as social sharing buttons, should in fact be released only after obtaining valid consent from the user.

How we can help you?

Thanks to the partnership with iubenda, I can help you configure everything you need to bring your site / app up to standard. iubenda is indeed the simplest, most complete and professional solution to comply with regulations.

Consent Solution

The iubenda Consent Solution allows the collection and storage of unequivocal proof of consent whenever a user fills out a form – such as a contact or newsletter subscription form – on your website or app.

Privacy and Cookie Policy Generator

With the iubenda Privacy and Cookie Policy Generator I can prepare a personalized information notice for your website or app for you. Iubenda’s policies are generated by drawing on a database of clauses drawn up and continually reviewed by an international team of lawyers.

Cookie Solution

The iubenda Cookie Solution is a complete system to manage the display of a cookie banner at the first visit of each user, to preventively block the profiling cookies and to collect the user’s consent to the installation of cookies.