From 25 May 2018, updated rules for the processing of personal data established by the General Data Protection Regulation (GDPR) come into force. The new regulation provides citizens of the European Union with tools to control their personal data and ensures the inviolability of their privacy by protecting personal data and the rights of data subjects.
The GDPR must be complied with by all entities that process personal data of citizens of the European Union (Article 3 of the GDPR). The GDPR itself states that personal data is any information relating to an identified or identifiable natural person (data subject), by which he or she can be directly or indirectly identified. Therefore, if the information being collected is personal data and the data subject is a citizen of a member state of the European Union, you must ensure that your website complies with the GDPR.
If you cannot be certain that you are processing personal data of at least one citizen of a member state of the European Union, ask yourself the following questions:
Are your services/products adapted to the languages of residents of the European Union?
Are your services/goods paid for in local currencies of the European Union countries?
Are your services/products provided on national top-level domains of the European Union countries?
If the answer to any of the above questions is yes, you must comply with the GDPR.
As a website administrator, you are responsible for informing your visitors and customers about how your website processes their personal data, so you should carefully review all GDPR requirements and ensure that your website complies with them.
Below we provide recommendations that can help you ensure your website is GDPR compliant.
The main document that should reflect compliance with the GDPR is your website's privacy policy. If you don't have a privacy policy yet, you should think about creating one. The uCoz website builder has a corresponding template in the settings.
We recommend creating a clear and comprehensive privacy policy for your website in accordance with the requirements of the GDPR and the laws of your jurisdiction. An important requirement is that the privacy policy be presented in a simple and easily accessible form for the subject of personal data.
The privacy policy must contain the following provisions:
the basis for collecting personal information (usually this is the consent of the subject of personal data, but there are also other legal grounds specified in paragraph 1 of Article 6 of the GDPR);
what rights the personal data subject has (listed in Articles 15-18, 20 GDPR);
a list of the personal information you collect and its category;
the purpose of collecting personal information;
in what cases you disclose personal information to third parties;
how your website uses cookies and other automatic information collection technologies;
how the subject of personal data can revoke their consent/change or delete personal information transferred to you;
how your privacy policy will be updated;
your contact information for communication and questions.
We cannot provide more detailed recommendations on how to draft a privacy policy because this document is strictly individual for each website. If you require any specific functionality in accordance with the GDPR (notification of the use of cookies, age verification, implementation of the right to data portability, etc.), write to the uCoz technical support service and we will help you find an appropriate solution.
Another important requirement of the GDPR is the requirement for localization of personal data. The websites of our users from the European Union, as well as all information obtained using the website modules, are automatically placed on servers located in the United States from the moment the website is created on the uCoz platform. The European Commission, based on Article 45 of the GDPR, recognizes the United States as a country that ensures an adequate level of data protection.
Some general recommendations regarding GDPR compliance:
audit your website and organizational measures for compliance with GDPR requirements;
do not process data longer than is necessary in accordance with the purposes stated in the privacy policy;
be guided by the principles established by paragraph 1 of Article 5 of the GDPR, including the principle of data minimization, i.e. do not collect information that is not directly necessary when providing services/offering goods;
promptly respond to all customer requests regarding their personal data;
obtain explicit consent to the processing of personal data using the checkbox;
if you are located outside the territory of the European Union, you should appoint your representative in the European Union.
To fully prepare for the requirements of the GDPR, we recommend that you read the full text of the GDPR and seek legal advice from qualified professionals in your jurisdiction.
You can find useful materials on how to make your website GDPR compliant here.
If you have any additional questions, comments or suggestions for improving our service in terms of GDPR requirements, please contact our technical support service.
What You Need to Know About the General Data Protection Regulation (GDPR)