Iubenda logo
Start generating

Documentation

Table of Contents

Getting Started Guide

Getting started with our Getting Started guide

If you are on this page, then you are most likely asking yourself: “What do I need to do to comply with privacy laws like the GDPR and CCPA?”. In any case, you’re probably aware that you need to meet legal requirements for your app/site.

Based on nearly 10 years of experience, we know that meeting these legal requirements (i.e., compliance) is a considerable challenge.

Taking time to understand complex laws and regulations and implement them does require time and money that you could otherwise use towards your business.

We can help you solve this challenge. With iubenda, you can easily check off all the right legal requirements – without sacrificing important business processes like speed and user experience.

Our software tools are currently trusted by more than 70,000 clients worldwide and are designed to help you achieve full compliance and keep focusing on what matters most: your business.

Start generating now

Or take this 1-minute quiz to get an immediate personalized answer on how iubenda can apply its instant magic for your compliance needs.

Find out what you need to get compliant

In general terms, compliance with data privacy laws means taking precise actions to responsibly handle the personal data processed during your business activities and to make the related mandatory disclosures. These actions may often seem challenging to implement and restrictive towards your business activities.

However, meeting online privacy law requirements is a valuable opportunity for growth for your site/app: you can protect and further enhance your reputation as a reliable/legitimate business, expand your user base and boost your revenue.

What do I need to meet my online legal requirements?

As each situation is unique, we invite you to complete the 1-minute quiz below to immediately identify which legal requirements most likely apply to you, what you need to do, and how iubenda can help.

Otherwise, please read on for an overview of the laws that might apply to you and how iubenda can help.

Meet the protagonists – Laws from every part of the world

Even though the internet is global, there is no online privacy law that is applicable globally. Instead, you will encounter different laws in various parts of the world. And, each law has its own specific characteristics and requirements.

We have prepared for you a quick overview of several online privacy laws grouped by geographical region, so you can easily choose the laws that you’d like to learn more about.

💡 Take this 1-min quiz to find out which laws are actually relevant for you

The CalOPPA and the CCPA are laws that are most likely relevant to you if you are based in the US or if you have/likely to have in the future US-based users, regardless of where you are based.

💡 Meeting the requirements of the CalOPPA and the CCPA is easy with our US toolbox.

CalOPPA (California Online Privacy Protection Act)

It was drafted to protect the privacy rights and personal data of California residents. It aims to safeguards “personally identifiable information” and is currently considered to be the broadest privacy law in the US. In force since July 2004.

What do you need to do to get compliant?
You must have a comprehensive privacy policy in place that contains several specific disclosures, is displayed in a conspicuous manner on the homepage of your website/app, and informs users, in detail, about how their private data are handled in several different scenarios.

More about CalOPPA ›


CCPA (California Consumer Privacy Act)

It grants users additional rights such as the right to be informed and the right to access information you’ve collected about them – but perhaps, the most visibly relevant right granted to users is the right to Opt-out. Fully enforceable from July 2020.

What do you need to do to get compliant?
You must display a notice informing users that their data might be collected and “sold” to other parties. You must also include a “Do Not Sell My Personal Information” (DNSMPI) link on your website/app or Privacy Policy, and thus allow users to opt-out of any data processing activity that could be considered as a “sale” of their personal data.

💡 Meeting the requirements of the CalOPPA and the CCPA is easy with our US toolbox.

The GDPR and ePrivacy (Cookie Law) are likely relevant to you if you are based in the EU or if you have/likely to have in the future EU-based users, regardless of where you’re based.

These laws also apply to you even if you are not based in the EU but you monitor (e.g., using analytics) the behaviour of EU-based persons.

💡 Meeting the requirements of the GDPR and ePrivacy is easy with our EU toolbox.

GDPR (General Data Protection Regulation)

Specifies how and when personal data should be lawfully processed (including how it’s collected, used, protected or interacted with in general). An EU regulation in force since May 2018, it is arguably the most well-known privacy law globally.

What do you need to do to get compliant?
You should meet disclosure and transparency requirements by making sure you inform your users in detail about how you process their personal data. You should also ensure that you collect your users’ consent (for cookies and other purposes) in the correct manner: consent should be freely given, informed, specific and unambiguous.

More on the GDPR ›


ePrivacy Directive (“Cookie law”)

It complements the GDPR regarding the protection of personal data of individuals within the EU. It addresses crucial aspects about the confidentiality of electronic communications and the tracking of Internet users more broadly. In force since 2002.

What do you need to do to get compliant?
You must display a cookie banner on your website that is designed to obtain users’ informed consent before storing non-technical cookies on their device and/or tracking them. The cookie banner should allow for explicit and unambiguous consent from your users and should include a link to a comprehensive cookie policy. You should also implement a technical cookie management solution blocking codes that may install non-technical cookies, unless consent is provided by the user.

More on the ePrivacy/Cookie Law ›

💡 Meeting the requirements of the GDPR and ePrivacy is easy with our EU toolbox.

The LGPD is likely relevant to you if you are based in Brazil or if you currently have or are likely to have Brazil-based users, regardless of where you’re based.

The LGPD also applies to you even if you are not based in the Brazil but you store/process data in Brazil (e.g., your servers are located in Brazil).

💡 Meeting the requirements of the LGPD is easy with our Brazil toolbox.

LGPD (Brazilian General Data Protection Law)

It grants enhanced rights to users and protects both data processed in Brazil and the personal data of Brazil-based users. It can be considered as the Brazilian counterpart of the GDPR, although it differs from the GDPR in several ways. It is the newest addition to the online privacy laws family, in force from September 2020 onwards.

What do you need to do to get compliant?
You should meet disclosure and transparency requirements by making sure you inform your users in detail about how you process their personal data. You should also ensure that you collect your users’ consent for different purposes (e.g., a newsletter) in the correct manner: consent should be freely given, informed, specific and unambiguous.

More on the LGPD ›

💡 Meeting the requirements of the LGPD is easy with our Brazil toolbox.

Where multiple countries apply, including countries that are neither in the US or EU, you apply the strictest applicable standards (in many cases this means GDPR standards) to make sure that you are protected from liabilities. In addition, you must be mindful of the legally or technically specific requirements of any other laws that might apply.

💡 Easily meet global privacy requirements and GDPR requirements (the most robust regulatory standards by default) with our Basic toolbox.

Your legal documents (e.g. privacy policy, cookie policy, terms and conditions) must be written in the same language(s) as your site so that your users are able to understand them. If your site is available in multiple languages, your documents and notices should also be available in these languages.

Our tools support 8 different languages (English, German, Italian, French, Brazilian Portuguese) meaning that you can easily generate legal documents in different languages.

How can iubenda help you?

We believe in the importance of a comprehensive approach to online legal compliance. Our complete set of solutions makes it super simple to check off all the right legal requirements.

And while we take care of all the complex legal details for you, you can decide, based on your compliance needs, business aims and design preferences, the language, content and specific appearance of your legal documents.

Our clients have rated us with 5 stars on Capterra, praising our easy-to-use, customizable, comprehensive and continuously updating solutions that ensure constant compliance with online privacy laws.

Our solutions

Privacy and Cookie Policy icon
GDPR
CalOPPA
CCPA
General Global Privacy laws

Privacy and Cookie Policy Generator

Generate a beautiful, precise Privacy and Cookie Policy in minutes that describes in detail all the private data processing activities carried out by your website/app.

Cookie Solution icon
GDPR
ePrivacy/Cookie Law
CCPA

Cookie Solution

Create, in just a few clicks, a beautiful, fully customizable cookie banner, seamlessly collect users’ consent for non-technical cookies installation and implement prior blocking of non-technical cookies prior to consent.

Terms and conditions icon
For websites/apps

Terms and Conditions Generator

Terms & Conditions are essential for protecting you from potential liabilities. Our powerful Terms and Conditions Generator lets you create professional, lawyer-drafted Terms documents in minutes. The Generator is fully optimized for e-commerce, blogs, apps, marketplace, SaaS and more.


Consent Solution icon
GDPR
LGPD
General Global Privacy Laws

Consent Solution

Easily store proof of consent and manage consent and privacy preferences for each of your users. Build detailed consent records, including the exact time when consent was provided, and the identity of the user that provided the consent.

Internal Privacy Management icon
GDPR
LGPD

Internal Privacy Management

Overcome, in just a few clicks, the technical challenge of recording and managing all the data processing activity within your organization.

Choose a tool from our toolbox

💡 Still not sure what tools you need? Take this 1-minute quiz to find out now which laws actually apply to you.

Based on your choices in the quiz, you can meet basic legal requirements with the solution selected below. If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Optional/strongly recommended (GDPR-related tools and Terms and Conditions):

Get it

This toolbox will help you meet the requirements of US online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

This toolbox will help you meet the requirements of EU online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

This toolbox will help you meet the requirements of the Brazilian online privacy law. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

This toolbox will help you meet the requirements of EU and US online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

This toolbox will help you meet the requirements of EU and Brazilian online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

This toolbox will help you meet the requirements of US and Brazilian online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

This toolbox will help you meet the requirements of EU, US and Brazilian online privacy laws. Based on your choices in the quiz, you can meet your legal requirements with this pre-selected bundle.If you monetize your content, or you use your website for any kind of commerce, we strongly suggest adding the Terms and Conditions to your toolbox by selecting it below.

Get it

See also