The new GDPR is on everyone’s minds these days, and with good reason. It’s important for you as a website owner to design a Jimdo site that complies with the new EU regulations, and we want to support you in this.
In this post, we’ll summarize aspects of the new General Data Protection Regulation that are particularly relevant for you. Then we’ll explain what updates and new features Jimdo will provide to help you design your site in accordance with the GDPR.
Topics we’ll cover:
- Why is the GDPR such a hot topic?
- Who is affected by the GDPR?
- How do I find out what data my site is collecting?
- What about Google Analytics and Jimdo’s Statistics feature?
- My site is collecting data—what should I do?
- What new functions does Jimdo offer to help?
Why is the GDPR such a hot topic?
The basic data protection regulation is causing some anxiety for website owners. This is understandable on the one hand, as almost all website owners will have to take certain steps to make their site compliant. However, many half-truths are also being bandied around. This makes it difficult for many website owners to keep track of what steps they have to take.
There is no such thing as a “simple solution” because providers like Jimdo are not legally permitted to offer you legal advice. On the one hand, every single case (and website) is different. And secondly, legal advice is reserved for real experts, namely lawyers.
Nevertheless, we’d like to provide you with the best possible information within the scope of our powers, what you should pay attention to and hope to give you as much clarity as possible!
Who is affected by the GDPR?
The GDPR affects anyone with a website that stores/processes/tracks “personal data.” This often happens automatically through different services—we’ll get to that soon. The GDPR understands personal data as (among other things):
- First name and last name
- Email address
- Bank accounts
- Location data
- IP addresses
- Cookie ID
This definition means that virtually all website owners and shop owners have to review their site and adapt it, where necessary.
A website is affected by the GDPR if:
- IP addresses of website visitors are transmitted/stored
- There’s a comment function where you can input an email address
- Visitors can comment
- There’s a contact form
- There’s a subscription or a newsletter subscription
- The behavior of visitors is analyzed through tracking and cookies
- It uses social media plugins that don’t offer a two-click solution to limit tracking
How do I find out what data my site is collecting?
The following questions can help you figure out what data you are collecting—perhaps without even realizing:
- What data do I collect/process/use on my website?
- In which way do I collect this data?
- Do I have a contact form? Guestbook? Blog?
- Do I use Google Analytics or another statistics tool on my site? This also includes the Jimdo Statistics function, if you’ve activated it.
- What third-party widgets and plugins did I integrate on my site? There are several browser add-ons that can assist you such as Ghostery or Privacy Badger that will display the cookies being used on your website plus all the services you have integrated.
- What services/products do I sell on my Jimdo website?
- Will products be created through my Jimdo website? (e.g. digital merchandise).
- The purpose/reason(s) of the data processing
- The name and contact details of the person responsible and the data protection officer
- The legal basis for the data processing
- The recipients of the data
- The retention period of the data
- If applicable, the extent to which you give your data to third parties (possibly in a third country or internationally).
- The rights to information and/or deletion of data
- The statement of the right to complain to the data protection supervisory authority
- If necessary, the reference to Google Analytics
What about Google Analytics and Jimdo’s Statistics feature?
If you use your own Google Analytics account, it may be necessary to sign the data processing contract/addendum with Google. You can complete this directly in your Google Analytics account.
Jimdo’s own Statistics function is based on Google Analytics. If you only use this Jimdo feature, it’s sufficient to sign the data processing contract with Jimdo, as Jimdo has already signed a contract with Google.
My site is collecting data—what should I do?
Once you’ve determined that you’re collecting personal data (see definition under “Who is affected by the GDPR?) from your website, the next step is to consider:
- Whether this is in compliance with the GDPR or
- Whether you should remove the applications concerned.
For external applications such as widgets etc. it’s best to check with the respective provider, to what extent their services comply with the GDPR. We recommend speaking (additionally) with a legal expert.
For Jimdo features, including but not limited to the Guestbook Element or cookies, Jimdo is making certain changes that allow you to customize these features to comply with the GDPR. More in the next section.
What new functions does Jimdo offer to help?
Jimdo is currently changing or adapting various parts of our platform within the framework of the GDPR. This includes (among others) some concrete functions that we’ll add to the system to help you to make your website compliant with GDPR:
- A customizable Cookie Banner (“pop-up”)
- “Shariff”: A two-click solution for social media features to limit their tracking.
Where can I find more information?
There’s more information on the GDPR and Jimdo in our Support Center. There you’ll also find a list of recommended links for more details on the new General Data Protection Regulation.
We understand how difficult and time-consuming it is to get through the legal jargon of a new regulation. So we hope this article helps add some clarity to your GDPR preparations for your website.
As entrepreneurs, you’re always faced with challenges and this is just one more that we know you can overcome!