Iubenda logo
Start generating


Table of Contents

5 things you need to do now to comply with GDPR

How to comply with GDPR? Compliance can be difficult to achieve if you don’t know where to start.
Here you’ll find 5 easy things you can do to help with GDPR compliance. Let’s start!

how to comply with gdpr, iubenda

How to comply with GDPR

You can’t start collecting and processing users’ data without a legal basis, that is the legal reason for doing so. The GDPR has six legal bases and yours MUST genuinely apply to your particular business and processing activity. 

2. Create a privacy policy

Now that you have your legal basis, you need to create a document to inform your users about your activities. More specifically, you need to disclose why you’re processing personal information and how you do it: it’s a crucial step in how to comply with GDPR. That’s what a privacy policy is for!

Introducing our Site Scanner!

From the dashboard within the Privacy and Cookie Policy Generator:

  • Click on Scan website and auto-detect services
  • site scanner
  • Get your report
  • Add the services to your privacy policy!

3. Keep GDPR records of the consents you collect 

If you’re relying on consent as your legal basis, there are a few rules. Since consent is such a big deal, the GDPR requires that you keep clear and detailed records of consent. You need to be able to prove that you’ve acquired consent lawfully, and records can help you with that.

4. Record your processing activities

Moreover, you may need to keep a record of how you store and use the data you collect from users. This means data retention policy for each processing activity, security measures, legal basis for processing, data transfer outside the EU, and the parties that you share the data with. 

5. Appoint a DPO

If your company’s activity falls under specific categories, you need to appoint a Data Protection Officer (DPO). The DPO ensures that the personal data of their organization’s employees, customers, providers, or other individuals is processed following the applicable data protection rules. 

Do I need to do all this on my own?

No, not necessarily. We know that GDPR compliance can be tough, so you can either choose to consult with a legal expert, or rely on quality software, like iubenda!

iubenda can help you achieve GDPR compliance with a comprehensive set of tools:

  • the Privacy and Cookie Policy Generator, to create your legal documents;
  • the Privacy Controls and Cookie Solution and the Consent Database, to manage and record consent for cookies and web forms;
  • the Internal Privacy Management tool, to create your records of processing activities. 

Get started with GDPR-compliance

Start generating

About us


GDPR compliance for your site, app and organization


Read also