If you deal with websites for work, you have surely at least heard of Iubenda. If you want to know everything there is to know about its services, this is the article for you! We would like to point out that this is not a comprehensive and exhaustive guide that will protect you from possible penalties, as legislation is changing and you need to continually bring your websites in line with current regulations. It will, however, be an excellent starting point.
What is Iubenda
Iubenda is a popular system (it has more than 130 thousand users) that allows you to easily and quickly create privacy and cookie policies for websites and applications to bring them into compliance with what is required by your country’s regulations and the obligations imposed by the GDPR. It is also among the few services that integrates with the Google tag manager consent mode, making it a cutting-edge service.
It is a start-up that was established in 2011 and whose services have since spread worldwide, proving its effectiveness, competitiveness and ease of use.
What is iubenda for
Iubenda is an Italian platform that offers a service aimed at producing privacy and cookie policies, as well as Terms and Conditions and storing consents with a registry in line with regulations. That for websites and mobile apps. From the platform’s dashboard, it is possible to generate a cookie and privacy policy in order to bring a site or app into compliance with the law, and there is a fairly detailed guide on how to set this up. Right from the start, it is good to point out that if you want to be 100% sure that you are in line with the regulations, you need to have a final check done by a DPO (Data Protection Officer) a figure introduced by the General Data Protection Regulation 2016/679 | GDPR, who is specialized in verifying full compliance with the regulations
What Iubenda allows you to manage
Iubenda allows you to create:
- Privacy and Cookie Policy: is used to create your privacy and cookie policy in minutes.
- Cookie Solution: will help you manage consent preferences as required by the ePrivacy directive (by GDPR and CCPA).
- Pop-up informing you about installed cookies (customizable in text and aesthetics) equipped with a button to accept or deny cookie installation
- Terms and Conditions: for ecommerce allows you to automatically create your own terms and conditions in minutes.
- Consent Solution: allows you to adapt your email contact capture forms to GDPR and CCPA. A proof of consent of opt-in and opt-out documentation will be saved in the system.
- Internal Privacy Management: allows you to list and document data processing activities.
In addition to these documents, Iubenda has a number of specially developed modules and plugins that make technical implementation easier even for novices.
Why do you need a privacy policy?
A privacy policy is necessary to explain to your users how their data is processed and give them the opportunity to update and request deletion.
Practically, even a site equipped simply with an elementary contact form needs to justify how the data collected will be processed and according to what purposes.
At the limit, a site that hypothetically does not collect any kind of personal user data could do without a privacy policy, but today it is virtually impossible to run into this kind of situation.
Perhaps you might feel tempted to do without such policies judging them to be unnecessary additions, but consider that by doing so you expose yourself to the risk of severe penalties: fines, in the most serious cases can reach up to 20 million euros. By no means should such legal obligations be taken lightly, not to mention the fact that our users have a right to know how their data is handled and to request its deletion, and we have a legal, and moral duty to accommodate them. Imagine how great a world would be where by telling the phone operator that you no longer want to receive their commercial calls, that actually happened. Here if we don’t bother to draft these documents and comply with our users’ requests, we would be behaving exactly like that operator who calls repeatedly at all hours for that same promotion we have already refused dozens of times.
Why Iubenda is so widespread
Iubenda has become in the parlance anyway almost synonymous with privacy policy generation services. Certainly this platform has reasonable prices and ease of document composition on its side. Moreover, one of the additional great advantages is the fact that as the legislation changes, all the documentation updates, without any intervention from us.
So you don’t need to have great legal skills to fine-tune your privacy policy, but as mentioned earlier, it is good to have a DPO do a final check to be sure you are 100 percent in line with the regulations. This is because many choices when setting up Iubenda, are made by the user filling out the privacy and cookie policy for their site, and you might make choices that are not fully compliant with the regulations.
To get started, all you have to do is indicate in the form your legal data (data controller, registered office, reference email…) and the services on your site that make use of personal data, and the tool will compose a customized privacy policy tailored to the portal in question. The service also covers not only websites but also mobile apps and Facebook. Iubenda has a website scanner available, which scans the site at the time you are filling out the documentation and suggests the services to be declared within the privacy and cookie policy. This is not so obvious, as there are few tools that allow this, and it is not so useless, as sometimes we might forget about the services that are used, and that need to be declared. An example? Google fonts, are a “service” that is very often used and needs to be declared, although 99% of the time it is forgotten by those who fill out the documents for GDPR. This allows us then, to have a valid support. The scanning then over time will continue and Iubenda will occasionally send you emails indicating if in its opinion there are any services detected that are not declared in the documentation (this is mainly in paid plans).
Iubenda’s service is carried out using experienced attorneys who, based on the information provided, make policies available through the platform that are in line with current legal requirements. These are periodically updated when the legislative landscape regarding the processing of personal data changes.
This is therefore a nice saving in comparison to the price of specialized legal advice on a bespoke basis.
How Iubenda is used
Iubenda has particularly intuitive operation on its side. After creating an account, you will be able to generate from the dashboard a privacy policy pertaining to the site in question, which you will go by its domain name. Indicate all the services you use on your site and the related data received. Continue through the guided steps and you will end up with a privacy policy ready to be implemented. At that point, the platform provides you with HTML code to insert in a special widget in the footer of your site. In just a few clicks, your privacy policy is ready. You can decide whether to embed it directly on your site (by embedding the privacy code) or to leave it on Iubenda’s servers and then have the user view it as a popup that links to a url on iubenda’s site. Here your choice is free, it does not matter which option you choose to comply with the regulations.
The only important thing is to remember to place it in a place on the website that makes it searchable from any page on the website, so that it can be reached by your users at any time. In this regard, our advice is to place it within the footer (which is always present on all pages of the website), but pay attention to landing pages…you may for some reason have removed the footer and will therefore need to link to it on those pages as well.
How Iubenda works
After entering the URL and language, the platform scans and automatically detects the services you use. Of course, in the appropriate window you can manually add all those that are not detected and that you know are used instead.
The client eventually is asked to recognize for some services the country in which the data will be processed (if the service is offered from various nations) and the specific personal data you intend to obtain from users (e.g. for the contact form first name, last name, phone number, etc.). If you have any doubts about where the data will be processed, consult the tool’s documentation, which is obliged to state this.
The tool will automatically produce the embed code to be placed in a special widget in the footer to make the cookie and privacy policy appear on the site.
Iubenda also provides a special free WordPress plugin that allows you to automatically embed the custom banner that informs the user that personal and tracking data is being collected, and once closed stores the appropriate cookie to remember the user’s choice.
However, it is not enough to download and activate the plugin to be ok with the privacy policy, it must be set (with the help of Google tag manager for example) for its functionality to become effective in blocking the tracking of users who do not specifically agree to the processing of data. it is important to know for the configuration of the iubenda “popup” that the user in no way should be “directed” in agreeing to be tracked, penalty, non-compliance with the GDPR. For example, if you are thinking of putting the “accept” button in Blue and the “reject” in transparency, don’t do that as you would be non-compliant with the regulation. Basically, the rule is the obligation to allow the user to make an informed choice in making privacy decisions.
- The advantages
- interface with great ease of use (no need to be a code expert)
- reasonable price
- ease of integration with WordPress
- possibility to create multilingual policies
- reliable service supported by a legal team
- can scan the site to identify at least some of the services used and related data used
- policies updated according to new legal developments
- allows you to save time and focus on more profitable activities for your business
- possibility to comply with GDPR obligations
- possibility to correct any errors by manually adding missing information
- possibility to switch from one service to another of higher level when the need arises.
- availability of a plugin to install policies on WordPress sites and a module for Prestashop
- customer care to respond to issues related to the operation of the solution
Thanks to Iubenda you can secure yourself from human error (an ever-present risk when you need to ensure compliance) and protect the privacy of your website users. Through the freemium configuration we can activate a free basic license so that we can become familiar with the tool and understand how to build a privacy policy. However, this is not a configuration that realistically can cover all the needs that arise in managing a site, so you will certainly need to stipulate a paid one, among the various available configurations, according to your needs.
The main advantage of Iubenda is that it saves you valuable time that you would otherwise devote to creating privacy policies, which you would never be sure you would have handled properly on your own anyway. The website owner is liable for any errors in the privacy policies and exposes you to the risk of serious penalties, which should deter anyone from DIY.
Far better to entrust the drafting of legal documents to those who are professionally versed in the subject.
The mode of use is really intuitive: just click on “Start Generation” to activate the creation of the respective services.
How much does Iubenda cost?
Iubenda presents several formulas from which each person can choose the one closest to his or her needs:
Basic: free of charge. It is limited to 4 clauses/services
Pro: from 27 euros per year. Unlimited privacy and cookie policy clauses and services.
5 Pro licenses: from 108 euros per year. Ideal for managing a language website
Ultra: from 99 euros per year. All the features of Pro, plus Terms and Conditions for ecommerce or SaaS services.
Special configurations are also available to fulfill special needs.
These prices are calibrated to the level of 25000 pageviews, beyond which prices are increased proportionally. Bundles of 5 licenses can still be purchased, which provide a 27% discount on the price of each license.
Iubenda is available with an annual subscription service that is renewed annually. New services can be added at any time to fulfill new needs as they arise.
The presence of the free basic license allows new users to test the service without spending any money to understand if it is right for them. After getting familiar with it, one moves on to the Pro license that allows one to fully manage the privacy and cookie policy discourse. In case you have to manage several sites you can buy a set of five licenses so that you can save proportionally on the total purchase.
It is also possible to earn through a royalty system that allows you to earn a percentage from those who sign up from our link.
How to configure the Iubenda plugin on WordPress.
Configuring Iubenda for WordPress is quite simple. It takes some time to configure everything, so consider a few hours of work to do everything perfectly, but it’s still a fairly straightforward job. As a first step, download the iubenda plugin. You’ll just go to the WordPress plugin gallery and search for iubenda. Right now it is called “iubenda | All-in-one Compliance for GDPR / CCPA Cookie Consent + more” but I guarantee it changes names often, so just be sure to download the official one, verifying that it is “by Iubenda.” At this point you will need to sign up on the iubenda site and begin configuration.
In the plugin you will be faced with this situation:
the purpose will be to get all the switches “turned on” so that everything is configured and working. Clicking on the various configure buttons will open the various submenus to properly configure each item. You will need to move between the plugin and the iubenda site in order to get everything configured perfectly; this is not a one-click configuration that is done automatically, but it is a configuration wizard, so it is basic enough.
Configure Privacy and Cookie policy with Iubenda
Let’s start with the Privacy and Cookie policy, 1st box at the top left of the previous picture.
Just click on the green button “Configure your privacy and cookie policy on iubenda.com” and you will be redirected to the correct page where you can fill in all the fields. Once filled out just save (making sure that you have automatically selected “Automatically add to footer” so that the widget will automatically be displayed in the footer of every page of your WordPress site. If you want you can select the manual integration option to use other methods… Let us give you a piece of information that might come in handy. Should you want to, you could create 2 pages for Privacy and Cookie policy and dynamically integrate the text within them through an iframe. What does this mean? if the documentation changes, the 2 pages within your Web site will also change, and you will not need to make the user leave the Web site. Wondering how you can set it up this way? Select the “embed text in body” item and paste the javascript generated by Iubenda onto a page on your website. save the page and display it. The full policy will appear automatically! Do the same for the cookie policy.
Configure the Consent Solution with Iubenda
This item is very simple to set up, but tricky to configure in the best possible way. Simply activate the Consent Solution on iubenda, from your dashboard and paste in the API key generated. This will easily map forms made with Contact Form 7 and WP Forms, as well as WordPress comment forms and WooCommerce checkout forms, which will automatically appear at the bottom of this plugin section once configured. The fields that should be mapped should be configured for each detected form, and the documents that are accepted by users when filling out the contact or comment form should be flagged. If they are not detected, we recommend that you check with iubenda on how you can map the various contact forms in order to comply with the regulations.
Once you have filled everything out by clicking on Hello Settings you will return to the previous screen and it is time for the terms and conditions.
Configure the terms and conditions with Iubenda
Configuring them is very simple. Just click on “Configure the terms and conditions by clicking here” to be on the page where Iubenda will ask us a series of questions to best configure this document that is very important for ecommerce. In this regard, we would like to remind you that the terms and conditions may change over time for your ecommerce, so be sure to update the document with the new information if it is necessary.
Configure the cookie solution with Iubenda
Now that you have configured all the documents, all that remains is to configure the banner that will appear whenever a new user enters your website. Let’s make a point right away, as mentioned at the beginning, the user has to make an informed choice, so try to configure the banner so that the colors are not confusing, otherwise you can risk being out of compliance.
Enter the plugin’s “cookie Solution” and click on the “Configure your cookie banner by clicking here” button.
You will find yourself on this page. Now click on customize, and start configuring your banner. Remember that if your site is active in other nations, it will also need to comply with the other nations/continents’ regulations, not just the GDPR such as the CCPA.
Once you have selected the regulations that your site will need to comply with you can proceed to customize the style. In the points where you need to comply with some canon iubenda will tell you that that tick or that field is required for the GDPR so no fear, style your banner and give space to your imagination. once finished, click on save and you will be taken to the point where you will copy the html code to be placed inside the plugin so that the acceptance banner will finally appear.
If you want to configure its operation with Google tag manager you will need to modify this html code by going to insert an additional string of code that will trigger the various levels of consent.. We recommend that you read this guide in this regard. Guide for integration with Google tag manager
the configuration is done… now all that remains is to check if all the codes are blocked correctly. Our advice is to always do these checks through an experienced DPO who will clear you of any doubts.
+ There are no comments
Add yours