GDPR: What You Should Know and What Jimdo Is Doing

The new GDPR is on everyone’s minds these days, and with good reason. It’s important for you as a website owner to design a Jimdo site that complies with the new EU regulations, and we want to support you in this.

In this post, we’ll summarize aspects of the new General Data Protection Regulation that are particularly relevant for you. Then we’ll explain what updates and new features Jimdo will provide to help you design your site in accordance with the GDPR.

In this article, we introduce you to the new developments that Jimdo is working on to help make your Jimdo website compatible with the GDPR. For third-party widgets and plugins or even statistics etc. further steps may be necessary. Please note that this article does not constitute legal advice.

Topics we’ll cover:

  • Why is the GDPR such a hot topic?
  • Who is affected by the GDPR?
  • How do I find out what data my site is collecting?
  • What does my Privacy Policy need?
  • What about Google Analytics and Jimdo’s Statistics feature?
  • My site is collecting data—what should I do?
  • What new functions does Jimdo offer to help?

Why is the GDPR such a hot topic?

The basic data protection regulation is causing some anxiety for website owners. This is understandable on the one hand, as almost all website owners will have to take certain steps to make their site compliant. However, many half-truths are also being bandied around. This makes it difficult for many website owners to keep track of what steps they have to take.

There is no such thing as a “simple solution” because providers like Jimdo are not legally permitted to offer you legal advice. On the one hand, every single case (and website) is different. And secondly, legal advice is reserved for real experts, namely lawyers.

Nevertheless, we’d like to provide you with the best possible information within the scope of our powers, what you should pay attention to and hope to give you as much clarity as possible!


Create your website


Who is affected by the GDPR?

The GDPR affects anyone with a website that stores/processes/tracks “personal data.” This often happens automatically through different services—we’ll get to that soon. The GDPR understands personal data as (among other things):

  • First name and last name
  • Address
  • Email address
  • Birthdays
  • Bank accounts
  • Location data
  • IP addresses
  • Cookie ID

This definition means that virtually all website owners and shop owners have to review their site and adapt it, where necessary.

A website is affected by the GDPR if:

  • IP addresses of website visitors are transmitted/stored
  • There’s a comment function where you can input an email address
  • Visitors can comment
  • There’s a contact form
  • There’s a subscription or a newsletter subscription
  • The behavior of visitors is analyzed through tracking and cookies
  • It uses social media plugins that don’t offer a two-click solution to limit tracking

How do I find out what data my site is collecting?

The following questions can help you figure out what data you are collecting—perhaps without even realizing:

  • What data do I collect/process/use on my website?
  • In which way do I collect this data?
  • Do I have a contact form? Guestbook? Blog?
  • Do I use Google Analytics or another statistics tool on my site? This also includes the Jimdo Statistics function, if you’ve activated it.
  • What third-party widgets and plugins did I integrate on my site? There are several browser add-ons that can assist you such as Ghostery or Privacy Badger that will display the cookies being used on your website plus all the services you have integrated.
  • What services/products do I sell on my Jimdo website?
  • Will products be created through my Jimdo website? (e.g. digital merchandise).
If any of your answers indicate that you collect personal data, in general, or through these services, the new GDPR rules will affect you. You can try out this self-assessment tool to give you a better idea of what you need to check.

What content is recommended for your Privacy Policy?

The GDPR also provides new guidelines for your Privacy Policy. A Privacy Policy is like a personal letter to your customer in which you specify and describe how you intend to handle your site visitors’ and customers’ personal information. Fortunately, there are some nice Privacy Policy generators available online. You can use tools such as or the Iubenda Privacy and Cookie Policy generator to help put together your (new) privacy statement.

It’s generally recommended that your Privacy Policy include:

  • The purpose/reason(s) of the data processing
  • The name and contact details of the person responsible and the data protection officer
  • The legal basis for the data processing
  • The recipients of the data
  • The retention period of the data
  • If applicable, the extent to which you give your data to third parties (possibly in a third country or internationally).
  • The rights to information and/or deletion of data
  • The statement of the right to complain to the data protection supervisory authority
  • If necessary, the reference to Google Analytics

What about Google Analytics and Jimdo’s Statistics feature?

If you use Google Analytics, make sure to say so in your Privacy Policy. Another mandatory element is the so-called “opt-out”—the possibility for a visitor to object to the data collection (as we’ll explain further on).

If you use your own Google Analytics account, it may be necessary to sign the data processing contract/addendum with Google. You can complete this directly in your Google Analytics account.

Jimdo’s own Statistics function is based on Google Analytics. If you only use this Jimdo feature, it’s sufficient to sign the data processing contract with Jimdo, as Jimdo has already signed a contract with Google.

My site is collecting data—what should I do?

Once you’ve determined that you’re collecting personal data (see definition under “Who is affected by the GDPR?) from your website, the next step is to consider:

  1. Whether this is in compliance with the GDPR or
  2. Whether you should remove the applications concerned.

For external applications such as widgets etc. it’s best to check with the respective provider, to what extent their services comply with the GDPR. We recommend speaking (additionally) with a legal expert.

For Jimdo features, including but not limited to the Guestbook Element or cookies, Jimdo is making certain changes that allow you to customize these features to comply with the GDPR. More in the next section.

There are several browser add-ons that can assist you such as Ghostery or Privacy Badger that will display the cookies being used on your website plus all the services you have integrated.


Create your website


What new functions does Jimdo offer to help?

Jimdo is currently changing or adapting various parts of our platform within the framework of the GDPR. This includes  (among others) some concrete functions that we’ll add to the system to help you to make your website compliant with GDPR:

Important: Please check whether these functions are relevant for you and adjust them where appropriate.
  • A link to the Privacy Policy will automatically be added to your Contact Forms and Guestbook.
  • A customizable Cookie Banner (“pop-up”)
  • A new subpage for your own statement on how your site uses cookies. This page will appear automatically and have an opt-out feature that lets visitors opt out of certain cookies.
  • An editable Privacy Policy with formatting options.
  • Checkbox with the linked Privacy Policy for all forms
  • “Shariff”: A two-click solution for social media features to limit their tracking.

Where can I find more information?

There’s more information on the GDPR and Jimdo in our Support Center. There you’ll also find a list of recommended links for more details on the new General Data Protection Regulation. Also check out our very own Legal Text Generator from Jimdo and Trusted Shops!

We understand how difficult and time-consuming it is to get through the legal jargon of a new regulation. So we hope this article helps add some clarity to your GDPR preparations for your website.

As entrepreneurs, you’re always faced with challenges and this is just one more that we know you can overcome!