Iubenda Partner

Overview

Websites and apps must always comply with certain requirements imposed by law. Failure to comply with the legal requirements, can result in serious penalties including substantial fines, audits and potential litigation.

For this reason we have chosen to rely on iubenda, a company built on both legal and technical expertise, that specializes in this sector. Together with iubenda, of which we are Certified Partners, we have developed a proposal to offer all our customers a simple and safe solution to their compliance needs.

Legal Stuff

Privacy and Cookie Policy

The law obliges each site/app that collects personal data to disclose relevant details to users via dedicated privacy and cookie notices.

Privacy policies must contain certain fundamental elements specific to your particular processing activities, including:

the contact and identifying details of the data controller;
which personal data is being processed;
the purposes and methods of processing;
the categories of sources from which consumers’ data is being collected;
the legal bases of processing (e.g., consent);
the third-parties that may also access the data — this includes any third-party tools (e.g., Google Analytics);
details relating to the transfer of data outside the European Union (where it applies);
the rights of the user;
description of notification process for changes or updates to the privacy policy;
the effective date of the privacy policy.

The cookie policy specifically describes the different types of cookies installed through the site, any third-parties to which these cookies refer – including a link to the respective documents and opt-out forms – and the purposes of the processing.

EU Cookie Law

In addition to providing an easily available and accurate cookie policy, in order to adapt a website to the cookie law, it is also necessary to show an informative cookie banner which links to a detailed cookie policy at the first visit of each user, giving the user the opportunity to either reject or grant consent to the installation of cookies. Most types of cookies, including those issued by tools such as social sharing buttons, should only be released after the user have provided a valid consent.

Furthermore, many third-party vendor networks may limit ad reach if you do not have a cookie management system that meets industry standards in place — potentially reducing your ability to generate ad revenue.

CCPA

CCPA requires that businesses inform California users about how and why their data is being used, their rights in regards to this and how they can exercise these rights – including the right to opt-out. In order to comply with these requirements, you need to include both the relevant disclosures within your privacy policy and display a notice of collection at the first user’s visit (where applicable).

The process which allows the user to opt-out should be facilitated via a “Do Not Sell My Personal Information” (DNSMPI) link which should be accessible from your notice of collection and elsewhere on your site (best practice would be to also include the link in the footer).

Consent according to GDPR and LGPD

When a user directly enters personal data on a site/app, for example by filling in a contact form, service registration or newsletter subscription, it is necessary to collect consent that is freely given, specific and informed. Under the GDPR, it’s also necessary to keep unambiguous records that allow you to demonstrate that valid consent was collected.

Similar to the GDPR, the Brazilian LGPD also requires the data controller to provide an unambiguous proof of consent, giving evidence that the user’s consent was collected by a valid means.

You must obtain consent for each specific processing purpose – for example, a consent to send newsletters and another consent to send promotional material on behalf of third-parties. Consent may be requested by setting up one or more checkboxes that are not pre-selected, not mandatory or coerced (freely given) and accompanied by relevant disclosures that make it clear to the user how his or her data will be used.

Terms and Conditions

In certain circumstances it can be necessary to protect your online business from potential liabilities with a Terms and Conditions document. Though not always legally required, Terms and Conditions set the way in which your product, service or content may be used, in a legally binding way.

The Terms and Conditions typically contain copyright clauses, disclaimers, terms of sale, allow you to set governing law, list mandatory consumer protection clauses, and more.

The Terms and Conditions should at least include:

the identification of the business;
a description of the service that your site/app provides;
information on risk allocation, liability, and disclaimers;
warranty/guarantee information;
the existence of a withdrawal right;
safety information, including instructions for proper use (e.g., terms of delivery of product/service);
rights of use;
conditions of use/purchase (e.g., age requirements or location-based restrictions);
refund policy/exchange/termination of service and related information;
information related to methods of payment.

Because they are essentially a legally binding agreement, it is not only important to have one in place, but also necessary to ensure that it meets legal requirements and it matches your specific business processes, model, and remains up-to-date with the various laws referenced in its contents. Copy-pasting Terms and Conditions from other sites is very risky and could result in the document being void or unenforceable.

Solutions

Thanks to our partnership with iubenda, we can help you configure everything you need to make your site/app compliant. iubenda is in fact the simplest, most complete and professional solution to comply with regulations.

Privacy and Cookie Policy Generator

With iubenda’s Privacy and Cookie Policy Generator we can prepare a fully customized, self-updating policy for your site/app. iubenda’s policies are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers.

Cookie Solution

The iubenda Cookie Solution is a comprehensive solution to meet EU Cookie Law, CCPA and any other third-party requirements by facilitating the display of a GDPR-compliant cookie banner or a CCPA notice of collection at each user’s first visit, the preventive blocking of the profiling cookies and the collection of users’ consent to the installation of cookies. It also supports opt-out from sale for Californian users via a “Do Not Sell My Personal Information” link.

Consent Solution

iubenda’s Consent Solution allows the collection and storage of an unambiguous proof of consent whenever a user fills out a form – such as a contact form or newsletter subscription – on your website or app, as required by the GDPR and the Brazilian LGPD.

The solution can also be used to document opt-out requests from Californian consumers, as imposed by the CCPA.

TERMS AND CONDITIONS Generator

With iubenda’s Terms and Conditions Generator we can prepare a fully customized, self-updating T&C document for your site/app. iubenda’s Terms and Conditions are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers.

Iubenda Partner

On This Page:

Overview

Legal Stuff

Solutions

Overview

Legal Stuff

Privacy and Cookie Policy

EU Cookie Law

CCPA

Consent according to GDPR and LGPD

Terms and Conditions

Solutions

Privacy and Cookie Policy Generator

Cookie Solution

Consent Solution

TERMS AND CONDITIONS Generator