GDPR Compliance

Ensuring data privacy and security is one of the toughest challenges faced by legal authorities in the digital era. The General Data Protection Regulation (GDPR) was first proposed in 2012 and approved by the European Parliament in 2016 to impose legal obligations on all organizations that handle personal data or offer goods and services to EU data subjects. On May 25th, 2018, the GDPR came into effect, compelling companies to comply with all legal requirements to protect the data privacy rights of all individuals.

Get your Drupal-based website GDPR compliant

According to the EU data privacy and security law (GDPR), all websites that collect, store and process personal data of the EU data subjects must be compliant with GDPR. Non-compliant websites can be penalized by fines of up to 20 million EUR or up to 4% of a company's annual global turnover.

At 1xINTERNET we offer full support regarding GDPR compliance: from consultancy to implementation. We ensure your website security and transparency in communication in order to build trust between your company and your customers regarding personal data.

Secure (Fewer data breaches)

Transparent (Clear communication)

Reliable (Greater user trust)

What is personal data under GDPR?

According to Article 4 GDPR, “personal data” is defined as any information related to an identified person (or “data subject”). Websites may collect the following personal data: 

  • Tracking data - Google Analytics, Matomo (formerly Piwik), etc.

  • Newsletter data - Mailchimp, CleverReach, Campaign Monitor, etc.

  • Social media data - Facebook, Twitter, Instagram, etc.

  • Web forms - contact form, feedback, inquiries, etc.

  • User data - login data, purchase data, processing data, etc.

This also includes identifiers such as connection data (IP address and cookies). In accordance with GDPR, companies are required to systematically record, review, adapt and secure all personal data collection and processing operations, including the subsequent use of that data by third parties.

Our services to ensure your GDPR compliance

Website security

The first step to achieving GDPR compliance is to ensure your website is secure. We provide you with strong encryption and secure data transfer mechanisms, and protect your website against unauthorized access and DDoS attacks. Along with the encryption of backups and automated security updates, we achieve a high level of protection for the use of personal data and guarantee optimal website performance.

Consent (cookie) banner

Explicit consent from users to handle their personal data is necessary to be compliant with GDPR. All websites should include a pop-up cookie banner on the user’s first visit with the possibility to opt-in or opt-out of data tracking. We support you in the integration of the consent banner into your website, its configuration and individual styling. At 1xINTERNET we work with both types of consent management platforms: hosted (Usercentrics or Cookiebot) and open-source (Klaro).

Website forms

Designing GDPR compliant web forms that hit conversion targets is one of the biggest challenges for the majority of companies. Our team of Drupal experts can help you to achieve this goal. We guarantee the building of secure web forms of any complexity, their customization according to your requirements, and the inclusion of all necessary features (mandatory checkboxes, opt-in options, privacy statements, links, etc.) to ensure your web forms are compliant with GDPR.

Comply with 8 principal rights of GDPR

The right to be informed

The right of access

The right to rectification

The right to be forgotten

The right to restriction of processing

The right to data portability

The right to object

The right related to automated decision making

In order to comply with GDPR, organizations have to respect the 8 principal rights of data subjects and guarantee a lawful basis for handling their personal data. The General Data Protection Regulation stipulates that all individuals should be sufficiently informed about the collection and processing of their personal data. To achieve this, the privacy policy should be a core feature of your website and include all essential information regarding the use of the personal data of your users. The information should be clear, unambiguous and easily accessible. It should inform users about their rights and your legal obligations with regards to the collection, storage and processing of their personal data.

At 1xINTERNET we always recommend obtaining professional advice from your own DPO (Data Protection Officer) or another authorized body to ensure your privacy policy includes all necessary information in accordance with GDPR legal requirements.

GDPR Compliant projects with Klaro

CMS solution

SENEC GmbH - Corporate website

SENEC is a provider for innovative solar energy solutions. The main challenge of this long-term project is to build a strong online presence with an...

CMS solution, Hosting solution

World Cancer Day - Scalable Hosting Platform

World Cancer Day is the global uniting initiative led by the Union for International Cancer Control (UICC), and takes place every year on February 4...