Find out in 30 minutes how Dipeeo helps you comply with the GDPR and the AI Act.
To process your request, we need to process your personal data. Find out more about the processing of your personal data here.
A GDPR digital agency GDPR personal data on behalf of its clients. It therefore acts as processor the meaning of the GDPR.
📌 As a matter of law, and in accordance with the General Data Protection Regulation (GDPR), as soon as it processes personal data on behalf of a client, an agency is considered to be a processor of that client , who is considered, in turn, to be the data controller. The latter will have GDPR obligations linked to the fact of having outsourced the processing and management of part of its personal data.
📕 The GDPR has set up a management process that involves all organizations that contribute to the processing and management of personal data. These organizations can be public or private, and this also concerns processors. What's more, the role of the latter is to help data controllers with their GDPR compliance process. Incidentally, the CNIL (National Commission for Information Technology and Civil Liberties) article covers the subject in more detail.
⚠️ Whether you are processor data processor a data controller, you riskpenalties ifyou lack knowledge of the GDPR processing the personal data of yourclients employees on a daily basis. In other words, if your digital agency is not GDPR, you risk receivingcomplaints fromyour clients prospects, or from your competitors. And it’s important to note that if you receiveGDPR complaints, they will likely be followed by an audit by the CNIL (National Commission for Information Technology and Civil Liberties).
🚀 For more details on the subject, you can book a APPOINTMENT with one of our experts.
It's free! 😉
📌 In our article on GDPR compliance GDPR , you’ll learn why GDPR compliance is so important for any business, regardless of its size. After all,a websiteis an essential tool for promoting your products and services to the general public.
Depending on your activity and the number of services or brands, the number of websites required may vary.
💼 Many companies place blind trust in their digital agencies for everything that goes into making a website. This includes technical and semantic optimization, SEO whether natural or paid, UX design... The problem is that even the legal-technical aspects are part of this, even though this is not a digital agency's core business, and they probably don't have the legal competence in-house.
😯 In the event of an inspection by the CNIL (National Commission for Information Technology and Civil Liberties) , at the very least, acomplaintfroma prospective client, the client naturally client to their digital agency for guidance on what to do. This is why a digital agency that handles the creation of GDPR documents must have genuine expertise and a solid foundation in the subject matter in order to provide the client with answers.
📌 For your website, digital platform or e-Commerce platform to be GDPR compliant, you should have a few documents at your disposal. On every website, at the bottom, there should be the set of compliance documents and GDPR compliance in particular. This part is called the "Footer".
🔥 At least three links must be present:
In fact, our articleon GDPR compliance GDPR websites coversthe topic in detail.
🚀 Firstly, the main purpose of the Privacy Policy is to inform your users about the personal data you collect. This is one of the fundamental pillars of the GDPR.
In this document, you must provide information on the type of data collected, how it is used, and how long it will be Data retention. In addition, you need to add information on data rights : access to data, and all cases, including the death of the user.
Please note that the privacy policy and the legal disclaimer are two different things. This means that one document does not have to be included in the other.
📕 This applies to the Privacy Policy, the Cookie Policy must also be separate from any other document. You must therefore create a standalone page, and a dedicated link must be provided to it. As its name suggests, the Cookie Policy allows you to inform your users about the categories of cookies present on your website, as well as their nature.
😯 By creating a Cookies Policy and a Privacy Policy, note that you've done 95% of the work of GDPR compliance.
📜 All that's left is the legal disclaimer, and that's only when you have a newsletter or a form that requires registration. In this case, it's mandatory to mention below your form that " by clicking, you agree to receive our newsletter. For further information, please consult our privacy policy. ". And you've got it, you need to insert a link to your Privacy Policy. A document you've already created.
💻 Lastly, to ensure compliance, you need to install a cookie banner on your website. The aim here is to summarize your Cookies Policy. On the other hand, the cookies required to display the site (technical) do not require consent. These are tracers that do not require consent. To better understand the difference, please consult our article Cookies banner which covers the subject in detail.
📕 An organization's GDPR compliance approach mainly depends on its activity, its tools and, above all, its practices around the personal data it processes. This is an opportunity for any organization to take a close look at its digital practices and services, so that the protection of personal data is well and truly taken into consideration.
💻 Admittedly, bringing a website, e-commerce platform or digital platform into GDPR compliance isn't extremely complex. On the other hand, for the company owning this site or platform to comply with the General Data Protection Regulation, it must imperatively follow a compliance process.
🔥 On this subject, the CNIL (National Commission for Information Technology and Civil Liberties) states that to be GDPR compliant, any organization must go through a few steps that contribute to achieving compliance. Steps that must be successive and that enable the implementation of actions that must, in turn, endure over time. Our article GDPR Compliance describes the entire GDPR compliance process, with examples.
⚠️ The usefulness of having an internal DPO , or consulting an outsourced one, is becoming increasingly important as soon as personal data is processed. This is why the Dipeeo has set up a GDPR compliance service.
💼 Given their core business of creating websites for their clients, most digital agencies also undertake to produce GDPR documents and this is true whether for sites, e-Commerce platforms or digital platforms.
🔥 This therefore consists of creating several documents particularly with regard to the privacy policy, cookie policy, legal notices, cookie banner... Documents whose main objective is to comply with GDPR.
😯 On the other hand, this is a complex subject for digital agencies, since they have no in-house legal expertise. Most of them often choose to copy and paste this information from the websites of companies with similar activities. This results in the delivery of non-compliant documents, with no protection against GDPRrisks...
📌 To find out more about this topic, please contact us, or arrange a APPOINTMENT with us. It's free! 😉
🚀 In addition, Dipeeo will be launching a service that will be available on 01/01/2023 that enables digital agencies to produce all the legal documents for a website themselves and for their clients. This will not only enable GDPR compliance of clients' websites, but also and above all, a very good result in terms of bringing value to end clients . This will save time and improve your digital agency's brand image.
📌 All this and more, thanks to the Dipeeo Document Generator !
This will save you time and secure your business, at a cost almost 3 times lower than a law firm.
