Privacy Talk

Pdf version Archive Subscribe
Your business • December 2020

Launching a website: tips & tricks.

What you need to know.

Launching a website for your company is always associated with new processing activities. This is definitely the case when your site offers a webshop and visitors can create an account and make online purchases. But you are also processing personal data when visitors can contact you via the website or subscribe to your newsletter, or when you allow social media plugins to share the content of your site.

The recommendation of the authorities is that every website should contain a privacy statement. This privacy statement should have a clear title (« Privacy » or « Privacy Policy ») and be accessible via every page of the site (via the footer). The privacy statement must contain the mandatory information provided for in Article 13 GDPR about all processing activities on your website (e.g. purchases, newsletter, contact, cookies), but you can also opt to make all of your privacy statements (e.g. also for applicants, suppliers, etc.) available centrally on your site. The privacy statement(s) must be available in all languages in which you make the website available.

If your website uses non-essential/non-functional cookies (i.e. analytical cookies, advertising cookies and social media plugins), you must obtain the visitor's consent via a cookie banner or pop-up on the landing page. The permission must be given per category of cookies. These cookies cannot be placed before the visitor has given his or her consent. Nor can access to the website be refused if the visitor decides not to accept the cookies in question. The website must contain a cookie statement that provides the visitor with more information about the cookies used on your site. The visitor must be able to change his or her cookie preferences at any time (e.g. via the same cookie banner or pop-up). 

When visitors can subscribe to your newsletter via the website, you must obtain valid permission. This consent must meet the requirements of the GDPR (freely given, specific, informed and unambiguous). You can offer an incentive to visitors (e.g. a discount on the first purchase) as long as the incentive is limited and is not withdrawn when the visitor unsubscribes. The visitor must also clearly know what he or she is agreeing to and must take a clear action (e.g. enter an e-mail address, tick a box). The place where consent is given always contains a link to the privacy statement on the website.

Launching a website often entails cooperation with third parties (web developers, providers of marketing tools, live chats, etc.). They usually qualify as processors, and therefore a data processing agreement within the meaning of Article 28 GDPR must be concluded with them. If your website offers a platform for other companies to sell products, or contains elements that allow social media platforms or other companies to conduct online marketing, there may be a joint processing responsibility. In that case, the necessary arrangements must be made in accordance with Article 26 GDPR (e.g. who provides the privacy statement, who responds to requests from data subjects, etc.).

What you need to do.

When you launch a (new) website, always go over the following checklist of the most important points of attention:

- Map out all processing activities on your website and include them in a privacy statement. Check whether it is useful to also publish other processing activities/privacy statements on your site. If you have physical stores where customers can create a loyalty card, it may be easier to provide a QR code on the card that links to the privacy statement on your website, rather than to make physical versions available in-store. If there is camera surveillance within your company, the camera surveillance icon can easily refer to your website for more information. In your supplier contracts you can include a link to the website instead of providing a privacy statement in attachment. Link to the privacy statement(s) via the footer of your website, and provide the necessary translations if your site is available in multiple languages.

- Contact your web developer to work out a cookie policy. Your web developer can help you identify precisely which cookies are being used on your website. Provide the developer with the necessary texts so they can be processed into a cookie banner or pop-up and a cookie statement that is linked to it. Again, furnish the necessary translations.

- Work out a correct method for subscribing to your newsletter. In addition to the commercial text inviting the visitor to subscribe - with or without a (limited) incentive - provide a clear statement to the effect that « by providing my e-mail address/ticking this box, I agree that my personal data may be used for this purpose in accordance with the privacy policy ».

- Identify all of the companies you work with for the website in order to make the necessary contractual arrangements in good time. These contracts must be signed before the processing (i.e. the launch of your website) begins. These companies usually have a template agreement available; if not, you can provide your own template.    

Please consult our website or contact one of our team members if you have questions or require more information:

Laurence Vanhyfte

counsel
laurence.vanhyfte@contrast.law

Have a look at our 'GDPR toolkit'

GDPR toolkit

Receive our ‘Privacy Talk’ directly in your inbox

Subscribe

Discover the previous issues in our Archive

Archive
In the Picture - November 2024

Nuts and bolts: the new EU repair rules
Books

Burgerlijk wetboek / Code civil
Articles

FIFA moet transferregels aanpassen na uitspraak Hof van Justitie in zaak-Diarra
More Newsletter

Log into your account

Forgot password? Not a member yet?

Forgot password?

Request a new password by providing your email address.

Log into your account

Password reset

Enter your new password.

Password registration

Enter a password to protect you personal pages.

Activate your account

Activate your account by providing your email address.

Thanks

You will receive an email with a link to enter a new password.

Close

Thanks

Your new password is successfully saved.

Close
Close

Cookies

This website uses cookies to improve your browsing experience and to better tailor the website to your preferences. For more information about cookies and the list of cookies used on this website, see our Cookie Statement.

Below you can indicate your cookie preferences:

ON

Essential cookies are cookies that are necessary for the correct functioning of the website (e.g., to avoid overload on the website, keeping it functional and accessible). These cookies can be placed without your consent.

ON

Functional cookies are cookies that are necessary to improve your browsing experience or to provide a functionality explicitly requested by you (e.g. remembering your settings). These cookies can also be placed without your consent.

Analytical cookies are cookies that collect information about how you use the website to improve search engine hits and the functioning of the website (e.g. we see how visitors move around the website when they are using it to ensure that visitors find what they are looking for easily). These cookies are only placed if you have given your consent.

Advertising cookies are cookies that collect information about your surf and search behaviour in order to offer you personalised advertising in ad spaces on websites based on your personal interests. These cookies are only placed if you have given your consent.

Social media cookies are cookies that make it possible to share certain features from the website on social media networks (e.g. Facebook). Furthermore, these cookies collect information about your surf and search behaviour on the website in order to offer you personalised promotions and advertising about our products on these social media networks. These cookies are only placed if you have given your consent. It is possible that these social media networks also use the information they collect through these cookies for their own purposes. You can find more information about this in the privacy statements of the respective social media networks.

   

You can always change these preferences via your Cookie preferences.