Iubenda Certified Partner
Simple, reliable solutions for the legal compliance of websites and apps.
Websites and apps must comply with specific legal obligations. Lack of compliance can expose you to significant penalties.
To provide a complete and always up‑to‑date solution, I partner with Iubenda – a specialized company with both legal and technical expertise – of which I am a Certified Partner.
Together with Iubenda, we’ve designed a clear path to help you stay compliant in a simple and safe way.
Key legal requirements for websites and apps
Privacy and Cookie Policy
Any site/app that collects data must inform users through comprehensive privacy and cookie policies. These cover:
- Types of personal data processed
- Legal bases for processing
- Purposes and methods of processing
- Recipients of personal data
- Any data transfers outside the EU
- Data subject rights
- Controller’s identification details
Generic documents are not suitable: the policy must describe in detail your data processing and technologies (e.g., social buttons, maps, analytics tools).
It’s rare for a site not to process any data: even a contact form or Google Analytics makes policies mandatory.
Cookie Law
You must show a banner on first visit and obtain valid consent before setting non‑essential cookies.
What is a cookie? Cookies store information in the user’s browser during navigation. Many third‑party services (e.g., YouTube embeds or sharing buttons) use them and require consent management.
Consent (GDPR/LGPD)
If users can enter data (e.g., contact forms, newsletter subscriptions), you must collect freely given, specific and informed consent and store proof of it.
Freely given, specific and informed consent
- Separate consents for different purposes (e.g., newsletter and third‑party marketing)
- Unchecked checkboxes and clear explanatory texts
Proof of consent
- Unique user identifier
- Copy of the presented form and accepted contents
- Version of the accepted privacy policy
A simple contact email is not sufficient proof.
CCPA (California)
Requires informing users how and why their data are used and giving them the right to opt out (via a ‘Do Not Sell My Personal Information’ link).
It may apply even to non‑California organizations; IP addresses are personal data and sites with relevant traffic from California may fall within scope.
Terms and Conditions
Useful and often mandatory (e.g., e‑commerce) to define rules, liabilities and sales/usage conditions.
- Business identification details
- Service description
- Risk allocation, liabilities and releases
- Warranties and right of withdrawal (where applicable)
- Security and usage rights
- Usage or purchase conditions
- Refund/replacement/suspension policies
- Payment methods
Copying T&Cs from other sites is risky: they may not fit your business model or applicable laws.
How I can help with Iubenda’s solutions
Thanks to the partnership with Iubenda, I can configure what’s needed to make your site/app compliant.
Privacy and Cookie Policy Generator
Custom policies based on a clause database curated by an international team of lawyers.
Cookie Solution
Banner, prior blocking of profiling cookies and valid consent collection. Includes CCPA adjustments (link ‘Do Not Sell My Personal Information’).
Consent Solution
Collection and storage of proof of consent (GDPR/LGPD) for forms like contact/newsletter, plus handling of CCPA opt‑out requests.
Terms and Conditions Generator
Tailored, up‑to‑date T&Cs built on your specific needs and business model.