GDPR checklist

A Quick Check for Compliance

With GDPR in full effect, we wanted to provide a simple checklist for you to make sure your Scrivito projects are compliant. When using the Example App as the basis for your project, there are several features built in to help. Additionally, as Scrivito is an EU-based company, we work to provide GDPR-compliant products for our customers and assist where we can.

What is GDPR? In a nutshell, if you track or collect data from visitors to your website and they are in the EU, you need to collect the data in a GDPR-compliant way. There are three main points to these requirements: explicit consent, right to access, and right to be forgotten. Further, storage of personally identifiable information (PII) of EU citizens must be stored in the EU. GDPR is a complex topic, and we are only scratching the surface here, so it is recommended to discuss your specific requirements and liabilities with a qualified data protection officer or lawyer.

Explicit consent – Requires capturing consent to track and store data about a user or visitor.

Right to access – Captured data needs to be accessible within 30 days of request in a machine-readable format.

Right to be forgotten – Captured data must be completely deleted within 30 days of request.

Scrivito.com checklist

GDPR requirement

scrivito.com

Explicit consent

Right to access

Right to be forgotten

Form content

Custom 3rd-party integrations

Custom widgets that collect or track data

Scrivito example app checklist

GDPR requirement

Scrivito Example App

Explicit consent

Right to access

Right to be forgotten

Form content and other user generated data

Implementation-dependant1

The Example App is designed to be GDPR compliant by default. When adding tracking or data capturing features to the Example App, you should also activate the cookie consent feature by adding a link to your privacy policy in the site settings of the homepage. The functionality was designed for the features included in the Example App. Should you add custom features to your project, which require tracking, additional steps should be followed to include the new features in the consent policy.

1The forms in the Example App all have a consent field which, when activated, are required for form submission. The consent text is sent as part of the form data so it can be tracked with the users’ data in case of a GDPR audit. Additionally, the contact form can be customized to store data to whichever backend you choose, which needs to be GDPR compliant. By default, as an example implementation, our widget utilizes Netlify Forms which might require a data processing agreement (DPA) between you and Netlify because they store data also in the US.

Your checklist

GDPR requirement

Your web app

Explicit consent

Right to access

Right to be forgotten

Form content

Custom 3rd-party integrations

Custom widgets that collect or track data

Additional information about how Scrivito helps you to be GDPR compliant can be found in our compliance documentation and terms of service.

More great blog posts from Antony Siegert

  • Integrating Salesforce with Scrivito

    As we continue to add enterprise-level features to Scrivito, we decided to look at other enterprise-level services to integrate. Salesforce is one of those and has a ton of features. We could hire someone full-time just to build integrations to show you the power and flexibility of both Scrivito...

  • Integrating Mailchimp with Scrivito

    There are a myriad of ways to collect email addresses to communicate with your audience. Mailchimp is one of those, and, if you are not familiar with it, you should check them out. Mailchimp is an all-in-one marketing platform that provides quite a lot of features. The most basic feature is...

  • Expanding Scrivito’s Pricing Options

    Announcing new pricing options for Scrivito As we expand the feature set of Scrivito, we also have to determine the most appropriate pricing model for our customers. We have always considered pricing to be an important factor, but the fact remains that the product needs to grow, and requests from...

  • Example App Updates

    What is new in the Example App? The Example App has been a big part of the Scrivito journey, not only for you – our customers – but also for us as developers. We developed the Example App to showcase some of what could be done when implementing a Scrivito-based app. It is used, every day, to test...

  • Customizable Page Menus

    Scrivito’s top-right menu is customizable! Menus can make editors’ lives much easier, and we have had several requests to add items to the menu to aid in a more efficient content generation. So, our developers worked hard and took our mantra of complete developer flexibility to heart. Beginning...

  • The Scrivito Example App now Uses Bootstrap 4

    With Bootstrap 4 finally being released to the wild and with all the new features, of course, we wanted the Scrivito Example App to have the latest and greatest. After all, the Scrivito Example App is our showcase for implementing the Scrivito CMS. While the change from Bootstrap 3 to Bootstrap 4...

  • A/B Testing with Scrivito and Google Optimize

    Fine tuning a website takes time, and there are many options to consider. But when it really comes down to it, it's important to find out if the visitors are happy with the improvements. To do this, we need to compare their reactions to the present and the improved versions of the pages...

  • How to Create a Blog Post in the Example App

    Creating a blog post is simple with the Example App. A blog post has an author, so we will want to add our author page, too. Every blog post page consists of a title, a subtitle, and a widgetlist. The widgetlist is where you will build up the body of the blog post using the available widgets in...

  • Testing Your Scrivito-Based Rails App 

    The question of how to test Scrivito-based apps comes up less often than you would expect, but none the less it is asked. Remember that Scrivito is just Ruby, but being mainly an API, there are some caveats. It is best kept in mind what Scrivito is, a Content Management System, so your testing...