Getting Started
- Getting Started Guide
- Complete guide to the GDPR
- Compliance for:
- Simple Websites / Blogs
- E-commerce Websites
- App Developers
- Individual Services
Legal Requirements
Privacy and Cookie Policy Generator
- Creating Your Policy
  - Generating
  - How to Create a Privacy Policy
  - How to Generate a Cookie Policy
  - How to Display the Cookie Lifetime in Your Cookie Policy
  - How to Apply GDPR Protections Only to EU Users or to All Users
  - How to Apply CPRA & CCPA Standards for Californian Consumers within the Generator
  - Adding Services
  - How to Add Services to Your Privacy Policy
  - Using the Site Scanner to Identify Missing Services
  - How to Add a Custom Service and Customize to Your Needs
  - Adding Owner Details
  - What is meant by the identifying details of the Data Controller
  - The Owner Field Within the Generator
  - Languages
  - How to Add Another Language to Your Documents
- Editing/Updating Your Policy
- Embedding Your Policy
  - General
  - Ways to Use iubenda’s Privacy Policy on Your Site and App
  - Standard Embedding
  - Direct Link
  - Direct Text Embedding via JS or API
  - Behavior of iubenda Embedding Options When JavaScript Is Disabled
  - Apps
  - iOS and macOS
  - tvOS (Apple TV)
  - Android
  - How to Add Android and iOS Mobile Permissions for Device Data
  - Make Your Legal Documents Available for Offline Viewing
  - Popular Platforms
  - Amazon Store
  - Bigcommerce
  - ePages
  - Ghost
  - HubSpot
  - Jimdo
  - Joomla!
  - Magento
  - Matomo (Formerly Piwik)
  - PrestaShop
  - Shopify
  - Squarespace
  - Ucraft
  - Webflow
  - Weebly
  - Wix
  - WordPress
  - WordPress.com
  - Advanced
  - How to Configure your Content Security Policy for iubenda
- Troubleshooting and FAQs
Privacy Controls and Cookie Solution
- Introduction
  - Introduction and Getting Started
  - How to Identify the Cookies Your Site Installs in Browsers
- Cookie Banner Setup and Customization
- For US
  - How to comply with US state privacy laws using iubenda
- Installation and Prior Blocking Implementation
- Troubleshooting and FAQs
Terms and Conditions Generator
- What Are the Terms and Conditions and When Are They Needed?
- What Should Basic Terms and Conditions Include?
- Can I use a Terms and Conditions template?
- Creating Your Document
- Editing/Updating Your Document
- Embedding Your Document
  - General
  - How to Integrate iubenda’s Terms and Conditions on your Site and App
  - Make Your Legal Documents Available for Offline Viewing
  - Popular Platforms
  - Amazon
  - Bigcommerce
  - Ghost
  - HubSpot
  - Jimdo
  - Joomla!
  - Magento
  - PrestaShop
  - Squarespace
  - Shopify
  - Ucraft
  - Webflow
  - Weebly
  - Wix
  - WooCommerce
  - WordPress
  - WordPress.com
  - Advanced
  - How to Configure your Content Security Policy for iubenda
- Troubleshooting and FAQs
  - Can I Copy and Paste the Text of the Legal Documents into My Website?
  - Changelog
  - Legal Changelog
Consent Database
- Getting Started
  - Introduction and Methods
  - How to Sync Your Legal Documents
- Implementation
  - JavaScript
  - HTTP API
  - Simple integration guide
  - Popular Platforms
  - HubSpot
  - Joomla!
  - Make (Integromat)
  - Prestashop
  - Shopify
  - Squarespace
  - Webflow
  - Wix
  - Zapier
  - WordPress
  - WordPress (plugin)
  - WordPress (JavaScript method)
  - Elementor (WordPress website builder)
  - Gravity Forms (WordPress form plugin)
  - Advanced
  - How to Configure your Content Security Policy for iubenda
- Troubleshooting and FAQs
  - Delivery Channels
  - Changelog
Register of Data Processing Activities
- Guide to the Register of Data Processing Activities
Resources
- Webinars
- Videos
  - All Video Guides
  - Privacy and Cookie Policy Generator
  - Overview
  - Introduction to the Generator
  - Adding services/clauses to your policy
  - Filling in the owner info
  - Managing languages
  - Editing your policy
  - Removing iubenda branding
  - Embedding your policy
  - Integrating iubenda with WordPress
  - Privacy Controls and Cookie Solution
  - Introduction to the Privacy Controls and Cookie Solution
  - How to customize the cookie banner (basic options)
  - How to customize the cookie banner (advanced options)
  - Transparency and Consent Framework (TCF)
  - Terms and Conditions Generator
  - Overview
  - Consent Database
  - Introduction to the Consent Database
  - Consent Database manual implementation (JavaScript)
  - Consent dashboard in action
  - Register of Data Processing Activities
  - How to use the IPM tool
- Templates
- Cheat Sheets, Checklists and Tests
Account and Billing
Partners and Affiliates
About iubenda

Table of Contents

GDPR Compliance Checklist: 15 things to know

Need a GDPR Compliance Checklist? Look no further than this comprehensive GDPR cheat sheet! 👇

Safeguarding personal data and avoiding hefty fines is crucial in today’s data-driven world. This comprehensive GDPR compliance checklist serves as a valuable resource to assess your compliance status and secure your organization to avoid costly fines.

Firstly, let’s recap what the GDPR is and when it applies.

What is the GDPR?

The GDPR, or General Data Protection Regulation, outlines the lawful processing of personal data, including its collection, usage, and protection. It applies to various entities, such as businesses, nonprofits, and public authorities, operating in the EU or offering goods and services to EU citizens. Compliance with the GDPR is essential to uphold data privacy rights and avoid penalties.

Does the GDPR apply to you?

The GDPR applies to organizations, companies, individuals, corporations, public authorities and other entities – including small businesses, charities and nonprofit organizations – that are either based in the EU, offer goods or services (even for free) to people in the EU, or that monitor the behaviour of people in the EU, either directly or as a third party.

Keep reading for a need to know GDPR compliance checklist!

✅ GDPR Compliance Checklist

Establish a valid legal basis for processing personal data.

Maintain an up-to-date, understandable, and easily accessible privacy and cookie policy on your website or app.

Clearly describe the types of personal data collected and the purposes behind their collection in your privacy and cookie policy.

Accurately list all third parties with whom the data is shared in your privacy and cookie policy.

Inform users of their rights concerning their data in your privacy and cookie policy.

Ensure consent mechanisms are unambiguous and involve an explicit “opt-in” action. Avoid pre-ticked boxes and opt-out mechanisms.

Clearly state your intentions, provide links to your privacy policy, and obtain opt-in consent for various activities through contact, newsletter, and registration forms.

Maintain clear records of consent, including details like the time of consent, preferences expressed, accompanying legal or privacy notices, and the specific form used.

Enable customers to easily request and receive information about the data you hold on them.

Provide accessible means for customers to correct or update inaccurate or incomplete data.

Allow customers to easily to object to specific processing activities.

Facilitate customers in receiving their personal data in a format that can be readily transferred to another company.

Simplify the process for customers to request the deletion of their personal data..

Enable customers to request the restriction of processing their personal data..

Implement robust technologies and procedures to detect, report, and investigate any personal data breach.

Maintain detailed records of data storage, usage, and processing activities, including data retention policies, security measures, legal basis for processing, data transfers outside the EU, and the parties involved in data sharing.

👋

Achieving GDPR compliance is crucial for organizations handling personal data.

By adhering to this GDPR compliance checklist, you can enhance your data protection practices and ensure legal and ethical handling of personal information. Stay proactive in your compliance efforts to safeguard individuals’ privacy rights and maintain a trustworthy reputation in the digital landscape.

Get started with GDPR Compliance

Or learn more about iubenda’s solutions

Start generating

About us

GDPR compliance for your site, app and organization

Documentation