What is the GDPR – And Why Do I Have to Comply?
The General Data Protection Regulation is a stringent data privacy and security law that imposes certain obligations on companies that target or collect data on EU citizens.
In simpler terms, this law says “if you target EU citizens with your business and collect their private data – email address, names, phone number, etc. – you must tell them WHAT you are collecting and HOW you use it”.
How to Become GDPR Compliant
The GDPR is 88 pages, so we can’t explain the minute details.
As it relates to your website, however, compliance is relatively simple and straightforward.
- Phone number
- Credit card details
- IP address
- Browsing data
Your policy must also include HOW you use this data: for example, whether you share it with any apps or analytics software, or use it for remarketing.
GDPR, CalOPPA, and COPPA
Failure to comply with these regulations could result in the same types of penalties you could receive under the GDPR.
- GDPR: The EU’s data privacy law.
- COPPA: COPPA is a US law that imposes specific requirements on operators of websites that collect data on visitors under the age of 13. We strongly recommend complying with this law if you think your site caters to such visitors.
And this all comes at a fraction of the price of hiring a lawyer. Though if you are a large organization with complex requirements, we highly recommend hiring a legal professional.
Just beware: Not all websites were as good as advertised. And many did not produce a compliant policy. Stick to those our team has analyzed.
Their simple policy generation mechanism is so easy that your document builds itself. Don’t know what you need to write into your policy? Don’t worry, TermsFeed asks you a series of simple questions that you do know the answers to, and produces your policy according to your answers.
That way, you can be sure no necessary information is left out. We also love how transparent they are – all prices are clearly visible, so you aren’t surprised when checkout time comes.
Accuracy, detail, legal compliance, and usability are all top-notch. The only downside is you pay for what you get!
BONUS: TermsFeed works on a one-time fee model. Pay once, and your document is yours forever. That’s a huge plus over other sites that make you pay monthly.
Want to know more about the services they offer? Check out our TermsFeed Review.
GetTerms – An Affordable Alternative
GetTerms is affordable ($29), fast (about 5 minutes), and relatively easy to navigate. It also has the best UX of any platform we reviewed. For you, that means you can fully protect your business for $29, and everything is taken care of in about 10 minutes.
- Third-party options
- Log data
- Device data
There are three plans available – free, $15, and $29 – but only the $29 “Comprehensive Pack” is fully GDPR compliant. Our legal team wasn’t blown away by the level of detail, but our test document included all of the essential clauses your business needs.
The downside is that you have to manually choose the clauses/information needed in your document, which could leave you open to issues.
It only takes about 10 minutes (a tedious 10 minutes) to generate a comprehensive policy with all of the proper details, and it’s all 100% free, with a few catches.
Now for the dealbreaker.
You also can’t access the cookies consent suite (mandatory for sites/apps in the EU) without upgrading.
Aside from Termly’s high level of detail, the user interface is intuitive and straightforward, so you won’t have to do much thinking (our preference!).
The only downside outside of the pricing model is that you have to fill in a lot of information yourself, unlike TermsFeed, which asks the questions for you. That requires you to have a bit more knowledge of the GDPR and your business itself.
Your policy will be self-updating, meaning you never leave yourself open to liability should the law ever change. As a large organization, it’s nearly impossible to stay on top of all regulations in every jurisdiction. Instead of keeping track of international regulations yourself and hiring someone to update your policy, Iubenda updates your policy for you. Pretty cool!
It lets you choose from 700+ unique clauses for every possible business activity, all drafted by an international legal team.
Iubenda is another service that takes most of the heavy thinking out of generating your policy.
Like TermsFeed, it asks you a series of questions, for example, which services you offer. From there, it adds a tiny sliver to your policy. Eventually, you have a fully compliant document based on your answers.
Just be aware that attorney-level solutions and self-updating policies come at a price. GDPR compliance starts at $39/mo!
Now for the downside.
No free service will ever offer the full value of GDPR compliance for free. You’ll still have to fill in certain details yourself or hire someone else to do it. If you are looking for alternatives, check our Terms and Conditions Generator Review.
But once you’re done, you can just download your policy and host it on your website.
After a review from our legal team, we determined that the policy was not all-encompassing and that several details were omitted. However, it did include cookies, third parties, and other GDPR information, so we’ve included it on this list.
Their generator has been recently updated to include GDPR compliance, and the company even sends you recommendations in your email to fill out the policy to make it fully compliant.
Shopify encourages you to sign up for a free trial of their service. Feel free to sign up or skip – it’s up to you. As the world’s leading eCommerce platform, Shopify can be trusted to provide a policy that fosters trust from customers and protects you from liability.
However, just remember that the basic policy they send to your email IS NOT complete yet.
Q: Is TermsFeed legitimate?