Fifteen years is a long time to build anything. It’s long enough to learn what works, what doesn’t, and what you wish someone had told you at the start.

We caught up with Andrea Giannangelo, iubenda’s founder, to talk about the journey: the moments that shaped the company, the advice he’d give his 2011 self, and the lessons that might help anyone starting out today.

A success story like you’ve seen before

You might think iubenda is just another startup success story. We won’t argue.

It follows the usual ingredients that decades of research have shown: that success is less about genius and more about timing, opportunity, and relentless consistency. Let’s take a look.

The bold idea

Andrea Giannangelo had just graduated from law school when he ran into the problem that would shape the next 10 years of his life.

He had a website. Getting it legally sorted was complicated, expensive, and slow. The only options were custom legal services that most small businesses couldn’t afford, or generic templates that didn’t really fit. So he built something better.

In 2011, online privacy was nearly non-existent. Social media had become the dominant force online, and the prevailing mindset was to connect and share, not to protect personal data.

Betting on privacy felt contrarian. When asked what he got surprisingly right, Andrea recalls: “That 15 years ago, privacy was going to be a thing.” But being right early isn’t always comfortable.

The tough start

The early days weren’t glamorous. “We applied to every single accelerator out there, sometimes multiple times. And nobody took us, nobody could see it really.”

Investors did eventually come knocking, but the terms on offer were bad. Andrea also felt like the market wasn’t ready yet, and so he turned them down. He kept building.

Things were hard. Growth was slow. Revenue wasn’t enough. “I really didn’t know if we were going to make it.”

Seizing the opportunity

Slow growth and rejection were tough. But they kept iubenda independent and ready for the right shift in the market.

In 2014, the Italian data protection authority (the Garante) was preparing detailed cookie guidelines enforcing the ePrivacy directive, or Cookie Law.

Rather than hand down rules from above, the Garante set up a roundtable with the main industry stakeholders like publishers and trade bodies, including the IAB.

The IAB brought in Andrea to advise on the technical side. His background spanning law, commercial practice, and the technical realities of cookies made him the rare person who could speak all three languages at once.

That working group helped shape the guidelines that would define how cookie consent worked in Italy.

In the right place at the right time

Enforcement followed in 2015. Then the General Data Protection Regulation (GDPR) arrived in 2018. Privacy stopped being a niche concern and became front-page news across Europe.

“I went from being nobody to literally having my phone jammed by all the large companies and publishers that wanted to get our product.”

Even though a chaotic moment, it was all happening now: preparation had met opportunity. “That changed everything. A few years later, we did 5x in revenue.” That combination of discipline and tenacity, repeated over years, is what got iubenda where it is today.

Asked how it feels to reach that milestone, Andrea’s answer is honest: “Completely unlikely.”

Founder to founder: 15 lessons from 15 years

Andrea also shared some simpler wisdom, like prioritizing sleep (seriously, he mentioned it twice).

But here are 15 pieces of advice for founders to celebrate 15 years of iubenda. And if you’re just starting out, we hope compliance is on your checklist. If not, well, you know where to find us.

Timing is everything

When asked what he’d tell his 2011 self, Andrea doesn’t hesitate: “Timing, it’s all about timing.”

You can have the right product, the right team, the right strategy. But if the market isn’t ready, none of it matters. iubenda bet on privacy in 2011, before privacy was mainstream with the Cookie Law in 2014, or even bigger, GDPR in 2018.

The bet paid off, and timing eventually caught up. But timing alone isn’t enough. You have to be ready to ride the wave when it comes.

Looking back, Andrea is still surprised: “I think that was one of those moments of clarity that I really look back to and think, how could I have such certainties?”

Protect your time to think

“If you are too busy, you’re compromising the time that you dedicate to thinking, and your capability to think is everything.”

There’s a myth that founders need to overwork themselves to succeed. Andrea disagrees. Busyness can be the enemy of clarity, and trying to do everything yourself only makes it worse.

Stay focused, even when nobody believes in you

“At the beginning, as nobody could see it, everyone was telling us to try and do other things, and I stayed on the same product, privacy, and ultimately that paid off.”

When things aren’t working, the temptation is to pivot, diversify, try something new. Sometimes the right move is to stay the course.

Consistency is underrated

Andrea’s secret superpower? “The combination of discipline and obstination.” One of his favorite quotes: “The more I train, the luckier I get.” Luck isn’t random. It’s what happens when preparation meets opportunity, over and over again.

You don’t need a stroke of genius

The myth of the visionary founder is just that: a myth. What looks like genius is usually persistence compounded over time.

Aim for top three, not top one

“It’s never about being the top one. It’s about consistently being in the top three.”

Sustainable success isn’t about being the best once. It’s about being consistently good over time.

Not everyone will grow with you

“As you grow, not all of your team will be able to grow with you and you’ll need to make some more choices there.”

This is one of the hardest lessons in leadership. The people who helped you start may not be the people who help you scale. Recognizing that, and acting on it, is painful but necessary.

Keep asking yourself what matters most

That’s Andrea’s go-to productivity trick: “What is the most important thing that I have to do right now? Literally over and over.” Relentless prioritization.

Customers will keep you going

During the hardest moment, when Andrea almost gave up, what kept him going? “The customers, speaking with them and getting their feedback. That was everything for me in that moment.”

When you’re lost, talk to customers. They’ll remind you why you started.

Funding is a means, not a goal

“Funding is not a goal. The goal is building a company. Have funding as a means. It comes with a lot of trade-offs and compromises that I think founders underestimate.”

The startup world celebrates fundraising like it’s the finish line. It’s not. Sometimes the best decision is to say no to funding and keep building on your own terms.

Learn to let go of perfection

You can’t scale if you need everything done your way. To delegate, you need to be ready to compromise on perfection and let it go.

Simplicity wins

What have customers taught him? One word: “Simplicity.”

It’s easy to overcomplicate. The best products, the best communication, the best decisions tend to be simple.

Own your mistakes

If Andrea could delete one moment from the journey? “None of it. Own it. Own your mistakes. Own the bad ones.”

The bad moments are part of the story. They’re what make the good ones meaningful.

Prioritize learning over reward

Short-term wins feel good. Long-term learning compounds. Choose accordingly.

Not everyone makes it

“What keeps you humble? The many founder friends that were great and didn’t make it.”

Not every great founder succeeds. Sometimes the timing doesn’t align, sometimes the market shifts, sometimes it just doesn’t work out.

Looking forward

Fifteen years in, we’re grateful. Grateful for our customers and the team that made it all possible.

Things move fast. Opportunities don’t wait. Andrea knew that in 2011. It’s still how we build today.

If you’re starting something now, we hope a few of these lessons land, or remind you why you started. And when you need a privacy compliance tool, we’ll be here.

The post Looking back on 15 years: what iubenda’s founder would tell his 2011 self appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

More about the new requirements

Having integrated IAB’s Transparency and Consent Framework in their ads systems, Google will now require all publishers using their products — such as Google AdSense, Ad Manager, or AdMob — to use a Google-certified CMP that integrates with the TCF when serving ads to users in the European Economic Area or the UK.

On their side, CMP Partners will need to undergo a certification process, which will ensure their compliance with the TCF.

iubenda has previously been selected as Google CMP Partner and our Solutions, therefore, fully integrate with the Transparency and Consent Framework (TCF). We are now certified, to continue to give you specialized care and support wherever needed.

Official statement by Google

---

“By supporting the TCF, we aim to promote a unified and reliable approach for users and publishers across the broader ecosystem. […] In connection with this new requirement, Google has begun the process of certifying CMPs that work with our publishing partners for TCF compliance. We want to ensure that each CMP can be used with our technology in ways that users expect.”

Easily collect consent with iubenda

As a publisher, using a CMP that integrates with the Transparency and Consent Framework is in your best interests.

The TCF is fast becoming the industry standard and it grants publishers benefits like:

• Maximizing their ad revenue
• Smoothly collecting and transmitting user preferences
• Enhanced options and control over how they process users’ data

Moreover, if you’re using Google’s products, a Google CMP Partner will make the experience even more seamless.

Take iubenda, for example

As a Google CMP Partner, iubenda can support advertisers with Consent Mode set-up.
Using our Google Tag Manager template is a recommended option to implement iubenda and support Google Consent Mode in a codeless way, saving significant time and effort.

The post New Google Certification Program for CMPs appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Learn more here

The post New: iubenda supports US Privacy Laws compliance appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

consentmanager is a Swedish company specializing in GDPR compliance software solutions. The company was founded in 2018 and is already one of the leading compliance solutions on the market.

Together with consentmanager, we will have offices in Italy, Germany, Sweden, France and Poland, with a team of 130 across 25+ nationalities.

Both companies will be supported by the wider team.blue organization.

Jan Winkler, CEO of consentmanager said:

I’m very happy in joining forces with Andrea and his team. iubenda’s product portfolio, geographical focus and team are the perfect match to our own strengths and the combination with iubenda and team.blue will help us drastically accelerate our growth.

We at iubenda share his excitement!

From our CEO, Andrea Gianangelo

Jan is one of the best professionals in the industry and we are excited to team up with him and with everyone in the consentmanager’s team on the path to creating a category leader.

This partnership will allow us to continue to grow and expand our services worldwide to better serve you.

The post consentmanager joins forces with iubenda! appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Launched in 2015, our WordPress plugin is used by more than 100,000 websites and has a 5-star rating. Seven years later, we’ve made our biggest update yet.

Introducing our new plugin: All-in-one Compliance for GDPR / CCPA Cookie Consent + more

What’s different?

While our old plugin allowed you to just manage cookies and consent on your WordPress website, this latest version combines all our solutions, to give you access to everything you need.

Dead simple compliance management

With our new plugin, you can:

• Scan your site and have solutions auto-configured to match your site’s specific needs.
• Easily generate a fully customizable cookie banner, manage cookie consent and store legally required GDPR consent proofs for cookies.
• Generate a CCPA notice with working DNSMPI link as legally required.
• Activate IABs TCF to maximize ad earning.
• Quickly generate a fully customizable privacy and cookie policy.
• Auto-detect user location and auto-applies the correct data privacy settings (needed if you have users from multiple regions).
• Capture, store and manage GDPR consent records for your webforms.
• Effortlessly generate professional Terms and Conditions to protect you from liabilities.
• Translate all documents with a single click (supports 9 languages).
• Compatible with Google’s Accelerated Mobile Pages (AMP).
• Google’s Accelerated Mobile Pages (AMP)

Process compliance rating

Our new plugin scans and rates your site, showing you at a glance what’s missing. It also suggests what you need to improve your compliance.

How to get iubenda’s new WordPress plugin

If you’re already using our old plugin, you just need to update it to the latest version from within your website.
Go to Plugins in your WordPress dashboard, find the iubenda plugin and simply click “update”.

If you haven’t installed it yet, just download it here.

The post New: a totally revamped WordPress plugin appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

For more information on retrieving and filtering users’ cookies preferences, check our guide →

The post New in our Cookie Solution: filter cookie consents by date and time appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

We’ve worked hard to ensure that our Cookie Solution integrates seamlessly with this Framework, hereby giving you, our users, the additional option to easily enable and use it for your website and apps.

Enabling the framework is highly recommended for first-party publishers who work with third-party advertisers (i.e publishers who run ads on their website) as some advertising networks may limit access to their network if not implemented — which could a potentially decrease your ad revenue.

Read more about the framework and how to enable this feature here →

The post Cookie Solution and New IAB Framework Integration appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

The aforementioned can, however, be a technical challenge to implement in practical terms. This is especially true for internal privacy management and getting consent from your users. You must be able to describe which data you are collecting, for which purposes, the parties involved and some other details for the entire company, including data of your employees.

More detailed information on the GDPR can be found in our guide →

Our solution for Internal Privacy Management

In short this solution was created to easily document all the data processing activity within your organization. We believe that this is a great solution to help you comply with the GDPR. However, it was not exclusively made for that purpose and can assist you with your internal privacy management in general.

Our solution allows you to create your record of processing activity: add processing activities from 600+ pre-made options, divide them by area, assign processors and members, document legal bases and other GDPR-required records.

All details can be found here →

The iubenda Consent Solution

In short this solution enables you to easily track, store, manage and retrieve user consent.

This solution is an API that allows you to easily store proof of consent and manage consent and privacy preferences for each of your users, tracking every aspect of consent, including the legal or privacy notice the user was presented, the consent form and the preferences the user has expressed.

All details can be found here →

Great value introductory pricing

We are launching our 2 news services (the Internal Privacy Management solution and the Consent Solution) at a great introductory bundle price of 39$/month for unlimited websites, apps and projects.

Take me directly to the pricing page →

The post We’ve launched 2 new services to help you comply with the GDPR appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

As mentioned here, Google has started implementing major product and contractual changes in preparation for the GDPR. The latest update comes with a clear message that action is required regardless of location. Google states, in no uncertain terms, that even non-EEA customers will have their service impacted by the updates.

This latest statement focuses on the particular changes to the Google Analytics and Analytics 360 products, and highlights which actions you need to take as a result.

Product Changes
The first major product changed mentioned is the new granular data retention controls which allows you to manage how long your end user data is kept on Google servers before being automatically deleted. The controls allow you to set retention periods on both a user and event level, with the settings taking effect on 25th May 2018, when the GDPR becomes enforceable. The retention period applies to data associated with cookies, user-identifiers (e.g., User-ID) and advertising identifiers and the settings will not affect reports based on aggregated data. You are required to take action in the form of reviewing and modifying your retention settings to prevent accidental data loss. You can read more about the new controls here.

The second product change mentioned is the new user deletion tool which seems to be aimed at meeting the requirements outlined within the user’s “Right to erasure” under the GDPR. The tool will allow you to manage the deletion of all data associated with any individual end-user from within your Google Analytics and/or Analytics 360 properties. The tool isn’t actually launched yet, but the company states that it will be made available before 25th May, with details to be released on the developer site here.

Google also mentions a number of Analytics and Analytics 360 data related tools/features made available to assist you in meeting your particular GDPR obligations while continuing to use Google products. They include features for customizable cookie settings, privacy controls, data sharing settings, data deletion on account termination, and IP anonymization.

Contractual Changes
Google is including the new GDPR terms as a supplement to your contract with Google, where (regarding Analytics and Analytics 360 products) Google has defined itself as the “data processor”. If you’re based in the EEA, your contract has already been updated to include the updated terms; for Analytics and 360 clients based outside the EEA, the updated terms are available in your account (under Admin→ Account settings) for your review.

Updated EU User Consent Policy
As previously outlined here Google is making significant changes to their EU User Consent policy in order to meet GDPR requirements. The new changes set out your responsibilities for informing and obtaining valid consent from EEA users. As GDPR requirements can apply to you whether or not you’re based in the EEA, Google requires that you accept the updated terms if continuing to use Analytics and related products, and suggests that you review and define your path for compliance with the Regulation.

Here’s the full email text from Google:

Dear Google Analytics Administrator,
Over the past year we’ve shared how we are preparing to meet the requirements of the GDPR, the new data protection law coming into force on May 25, 2018. Today we are sharing more about important product changes that may impact your Google Analytics data, and other updates in preparation for the GDPR. This e-mail requires your attention and action even if your users are not based in the European Economic Area (EEA).
Product Updates
Today we introduced granular data retention controls that allow you to manage how long your user and event data is held on our servers. Starting May 25, 2018, user and event data will be retained according to these settings; Google Analytics will automatically delete user and event data that is older than the retention period you select. Note that these settings will not affect reports based on aggregated data.
Action: Please review these data retention settings and modify as needed.
Before May 25, we will also introduce a new user deletion tool that allows you to manage the deletion of all data associated with an individual user (e.g. site visitor) from your Google Analytics and/or Analytics 360 properties. This new automated tool will work based on any of the common identifiers sent to Analytics Client ID (i.e. standard Google Analytics first party cookie), User ID (if enabled), or App Instance ID (if using Google Analytics for Firebase). Details will be available on our Developers site shortly.
As always, we remain committed to providing ways to safeguard your data. Google Analytics and Analytics 360 will continue to offer a number of other features and policies around data collection, use, and retention to assist you in safeguarding your data. For example, features for customizable cookie settings, privacy controls, data sharing settings, data deletion on account termination, and IP anonymization may prove useful as you evaluate the impact of the GDPR for your company’s unique situation and Analytics implementation.
Contract And User Consent Related Updates
Contract changes
Google has been rolling out updates to our contractual terms for many products since last August, reflecting Google’s status as either data processor or data controller under the new law (see full classification of our Ads products). The new GDPR terms will supplement your current contract with Google and will come into force on May 25, 2018.
In both Google Analytics and Analytics 360, Google operates as a processor of personal data that is handled in the service. For Google Analytics clients based outside the EEA and all Analytics 360 customers, updated data processing terms are available for your review/acceptance in your accounts (Admin ➝ Account Settings).
For Google Analytics clients based in the EEA, updated data processing terms have already been included in your terms.
If you don’t contract with Google for your use of our measurement products, you should seek advice from the parties with whom you contract.
Updated EU User Consent Policy
Per our advertising features policy, both Google Analytics and Analytics 360 customers using advertising features must comply with Google’s EU User Consent Policy. Google’s EU User Consent Policy is being updated to reflect new legal requirements of the GDPR. It sets out your responsibilities for making disclosures to, and obtaining consent from, end users of your sites and apps in the EEA.
Action: Even if you are not based in the EEA, please consider together with your legal department or advisors, whether your business will be in scope of the GDPR when using Google Analytics and Analytics 360 and review/accept the updated data processing terms as well as define your path for compliance with the EU User Consent Policy.
Find Out More
You can refer to privacy.google.com/businesses to learn more about Google’s data privacy policies and approach, as well as view our data processing terms.
We will continue to share further information on our plans in the coming weeks and will update relevant developer and help center documentation where necessary.
Thanks,
The Google Analytics Team

Looking for more in-depth information on the GDPR? You can access the recording from our last GDPR webinar here (it’s free).
If you’d like to attend one of our other free webinars, you can use this link to sign-up. We have webinars available in several languages and as always, they are free to attend.

iubenda helps you with the generation of your privacy policy and a fully fledged cookie management system (Cookie Solution)

Take me to the privacy policy generator

Take me to the Cookie solution

The post Google Analytics: Latest GDPR Changes appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Google has started implementing major policy, contractual, and product changes in preparation for the soon-to-be-enforceable General Data Protection Regulation (GDPR). The changes largely reflect Google’s status as either data controller or processor in regards to their products; sets out your responsibilities in light of the new legal requirements and includes product and network modifications.

Policy updates

Google’s EU User Consent Policy is being updated to better reflect the new legal requirements. Central to these policy changes is the statement of your responsibilities in regards to disclosures to and obtaining consent from EEA users.

In regards to sites/ apps or other “properties” under your control that make use of Google services, you are required to:

• acquire legally valid consent from end users for the use of cookies or other local storage (where legally required);
• acquire legally valid consent for the processing of personal data for ads personalization of ads or remarketing services;
• keep records of consent given by end users;
• provide end users with clear instructions for the withdrawal of consent; and
• identify and disclose details of all third-parties involved in the processing of the personal data of end users, in an easily accessible and visible way

Google has stated that failure to comply may lead to limited or suspended accounts and/termination of your agreement.

Contract changes

Google is including the new GDPR terms as a supplement to your contract with Google. These modifications will come into force on 25 May 2018.

Currently, these contract changes will affect AdWords, DoubleClick, and the Google Analytics suite. The terms will be incorporated into your terms of service (also known as the terms and conditions) agreement with Google and you may be required to log-in and accept the new terms in your account if you haven’t already.

Product changes

In order to comply with the GDPR, Google is making product changes across their global network of publisher sites, which:

• give publishers the ability to select which third-party ads get displayed to their end users and give them the ability to show non-personalized ads;
• limit the processing of personal information for children under the GDPR Age of Consent;

The company has also stated that they are “exploring consent solutions for publishers” and launching new controls that give Google Analytics customers the ability to manage the storage and deletion of their data.

Update:You can read more about the specific changes to Google Analytics and Analytics 360 here.

Here’s the full email text from Google:

Dear Customer, Over the past year we’ve shared how we are preparing to meet the requirements of the GDPR, the new data protection law coming into force on 25 May 2018. The GDPR affects European and non-European businesses using online advertising and measurement solutions when their sites and apps are accessed by users in the European Economic Area (EEA). Today we are sharing more about our preparations for the GDPR – including our updated EU User Consent Policy, changes to our contract terms, and changes to our products, to help both you and Google meet the new requirements. Updated EU User Consent Policy Google’s EU User Consent Policy is being updated to reflect the new legal requirements of the GDPR. It sets out your responsibilities for making disclosures to, and obtaining consents from, end users in the EEA. For example, under that policy, advertisers will be required to obtain consent from users for the collection of data for personalized ads (e.g. remarketing tags to build audience lists) and for the use of cookies where legally required (e.g. conversion tags). The policy is incorporated into the contracts for most Google ads and measurement products globally. Contract changes We have been rolling out updates to our contracts for many products since last August, reflecting Google’s status as either a processor or a controller under the new law (see full classification of our Ads products). The new GDPR terms supplement your contract with Google and will come into force on 25 May 2018. For AdWords customers globally, our GDPR terms are incorporated into the terms of service, which (if you’ve not done so already) you can accept in your account. In the case of AdWords Customer Match and Store Sales Direct, Google acts as a processor; for the rest of AdWords we act as a controller. For customers using DoubleClick and the Google Analytics (GA) Suite, processor terms are available for you to review and accept from within your account. If you are an EEA client of GA, data processing terms will be included in your terms shortly. GA customers based outside EEA and all GA 360 customers may accept the terms from within GA. If you don’t contract with Google for your use of Google products, you should seek advice from the parties with whom you contract. Product changes To comply, and support your compliance with GDPR, we are: Making some changes across the network of publisher sites on which your ads may appear – enabling publishers to show non-personalised ads and to select which third parties measure and serve ads for EEA users on their sites and apps. Taking steps to limit the processing of personal information for children under the GDPR Age of Consent in individual member states. Unifying our ads data retention practices; and launching new controls for Google Analytics customers to manage the retention and deletion of their data. Exploring consent solutions for publishers, including working with industry groups like IAB Europe. Find out more You can refer to privacy.google.com/businesses to learn more about Google’s data privacy policies and approach, as well as view our data processing terms and data controller terms. If you have any questions about this update, please don’t hesitate to reach out to your account team or contact us through the Help Center. We will continue to share further information on our plans in the coming weeks. Sincerely, The Google Team

Here’s what you can do right now to comply with Google’s GDPR-based consent policy requirements:

• Put in place on your site/ app an easily-accessible, comprehensive privacy policy which includes details on how you process end-user data, for which purposes and who else has access. Be sure to include each third-party service used with links to their policies where possible and detail their involvement in the processing (you can do this with just a few clicks via our privacy policy solution)
• Implement a method of obtaining verifiable and valid consent. For consent to be valid, it must be informed, freely-given and verifiable. This means that your end users should know precisely and honestly, exactly what they’re consenting to and the consent must be based on an explicit affirmative uncoerced action.

 Here’s an example of a method of acquiring valid consent for the processing of personal data for ads: Yes, I would like the ads I view to be personalized. I have read the privacy policy and understand the requirements for this function (optional).

• Implement a “cookie consent solution” that allows you to obtain valid, verifiable explicit consent BEFORE installing cookies on the end users’ device. Our cookie solution simplifies this process -end users are informed via a customizable cookie banner; active consent is facilitated via either clicking or scrolling, and user consent settings are remembered.
• Keep clear records of the consent attained. Your records of consent should at least include the identity of the user giving consent; when they consented; what disclosures were made (what they were told) at the time they consented; methods used for obtaining consent (e.g., newsletter form, during checkout etc.); whether they have withdrawn consent or not.

Looking for more in-depth information on the GDPR? You’re welcome to join us at our up-coming webinar. It’s free to attend and you can have your most pressing questions answered. You can use this link to sign-up NOW as our webinars often fill up quickly.

iubenda helps you with the generation of your privacy policy and a fully fledged cookie management system (Cookie Solution)

Take me to the privacy policy generator

Take me to the Cookie solution

The post Google’s latest GDPR preparations and what they mean for you appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

• Free basic policy with some restrictions
• Paid policy that unlocked all of the otherwise restricted options for 27$ a year.

We have now created monthly subscriptions and are adding them into the mix (we have been running them for some time successfully, which is why newer users will not be surprised by this announcement). They have become a very popular choice for new sign-ups:

Monthly plans include 5 or more licenses. There are a number of reasons why anyone would want to have more than one license. Either you have the need for various privacy policies for multiple sites, or you would like to add another language to your existing privacy policy. You may even find that you need another license for a mobile or a Facebook application.

The new pricing options are now rolled out and visible across the site and you can visit them at the URI below to get a general overview:

Monthly pricing structure: https://www.iubenda.com/pricing

There are various packages available. The first monthly plan has 5 licenses for the price of 4 single licenses (-20%).  The more licenses you need. the cheaper they get for you. If you find you have a different use case altogether, you can always place an inquiry with us at info@iubenda.com.

What are monthly plans for?

Monthly plans are mainly a pricing option that help you save. When you use more than one license (possibly with languages or multiple sites) you can use our monthly plans and save real money.

Monthly plans are also ideal for web apps and agencies that need more than a few licenses to produce client work or policies for each user.

What are some other changes that are connected with this?

There are some changes that will only apply to new users: from now on every account will hold one free policy with the usual restrictions. Your first privacy policy with the most important policies is still free, any additional license you may need is still priced at 27$ as before.

If you were a user before this changes you will remember that you’ve had more free policies at your disposal. This change is therefore not going to affect you.

Do I have to give back some of my free policies?

If you had signed up prior to these changes, you will still have more than one free policy connected with your account. This does not change for you.

Can I switch between pay-as-you-go and monthly payments whenever I want?

Yes. Switch in between our options anytime as your needs change.

If I already own pay-as-you-go licenses, do I have a bonus when moving to monthly charge?

You will be credited the unused amount of your payment towards your new monthly payment plan.

Example: You have used 6 months on your 27$/year policy and then move to a monthly plan. This means you have 13.50$ credited towards your new payment option.

The post iubenda Monthly Pricing Packages appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

Another week for iubenda means another launch of a new language: today we are releasing support for a Spanish privacy policy text. The “política de privacidad” can be generated for both new sites and added to existing ones as translations of another primary policy.

In other words: any Spanish website can now easily craft a Spanish “política de privacidad” through iubenda’s dashboard.

It’s also a perfect fit for Spanish companies that might want to offer their service in another region like Germany (Austria/Switzerland) Italy or any English speaking country.

As with our German privacy policy we’ve been testing the Spanish text internally and are now happy to launch to the public today.

A word about legal grounds

Privacy law in Europe has its legal framework in European privacy directives and state law. The Data Protection Directive and the ePrivacy Directive are the European minimum standards that have to be implemented into member state law:

In Spain mainly two laws regulate the mandatory information on a website. The information a website owner must disclose about himself is regulated within LSSICE (Ley de Servicios de la Sociedad de Información de España) and the data protection regulations are contained within the LOPD (Ley Orgánica de Protección de Datos de Carácter Personal de España).

It’s stated in article 5 & 6 of the LOPD that the user needs to be informed of any data collection practices and its purpose along with the users rights regarding their data. This is being done via a “política de privacidad”:

La política de protección de datos personales, informa a los usuarios del procedimiento llevado a cabo por la organización para recoger los datos personales, permitiendo ver a éstos el uso que se les da, y las opciones que tienen las organizaciones respecto a su recogida.

Los datos personales recogidos en las webs se deberán tratar de acuerdo con lo dispuesto en la LOPD 15/1999, y deberán ser tratados de manera confidencial.

Los usuarios pueden ejercitar los derechos de oposición, acceso e información, rectificación, cancelación y revocación de su autorización a la utilización de sus datos personales.

It says that the privacy policy informs users about the data collection practices and that the personal data needs to be collected in compliance with the LOPD and treated in a confidential manner. Users may exercise various rights as for example gain access to the information that is being collected about them as well as revoke authorization to the use of their data.

How Do I Make a Spanish Privacy Policy?

Around the site you’ll find a couple of (green and blue) buttons indicating that you can generate a new privacy policy. Next to that button (before) you will find a dropdown menu with small flags that shows the language settings for the policy to generate.

Choose your privacy policy language right there to start the generation in the correct language.

How Do I Add an Additional Privacy Policy to the Site?

If you already have an English/German/Italian policy running on the site, but you would like to add a second language you may do so from the user dashboard.

When you’ve logged into your dashboard and have chosen the site you’d like to add a second policy to, you may do so in the sidebar on the right:

Along with the document preview you have the language management widget right there at your service.

Get a Spanish Privacy Policy

The post Launching our Spanish Privacy Policy appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

We completely renewed the legal text of the privacy policy, making it more precise, flexible and clear. In addition, we improved the simplified privacy policy, thanks to your feedback too.
All the new privacy policies and those that will be modified starting from today will have the new text, while all the other policies will be updated on Monday, July 16, to give you time to inform the users of your applications or websites about the modification.
The modifications, anyway, improve the text without substantially changing your personal data collection and handling terms.

For a preview of the new text, refer to our privacy policy.

Display your privacy policies

Iubenda for Facebook apps

A few days ago Facebook started forcing developers of applications based on its platform to provide a privacy policy to avoid any risk of deactivation. The great news is that we created a new version of our privacy policy generator, designed especially for Facebook apps, that you can try out here.
Generating a privacy policy for your Facebook app is really easy, and iubenda is able to automatically detect the configuration parameters. Likely to be the most original use of the Facebook API of all times

Try iubenda for Facebook apps

More than 50 new services

Many of you asked on our support forum to add more services, now the wait is over. We added more than 50 new services, raising the total number to 75, all ready to be added to your privacy policies!

Go to the iubenda home page

The post Privacy policy text renewed, iubenda for Facebook apps, 50+ new services appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

A new amazingly amazing iubenda:
new design and new features

We are working with Jonno Riekwel for making iubenda not only useful, but even beautiful.
The result is amazing, we are excited of what’s coming up, screenshots below.

New Dashboard

We redesigned the dashboard to be more visual and funny to navigate.

New interface for managing services

We now have categories for making the services easier to manage, and a dedicated section for editing the privacy policies generated in the past

Language management

The reason why we only invited italian users to join the beta so far is that there was no way to seamlessly manage multiple languages. Now we are building a dedicated feature for handling the need:

Simplified privacy badges and ‘no branding’ option

This was the most common feature request. The good news is that it’s coming

A completely renewed privacy policy

The process was long, and we explained it on a dedicated blog post, but we can finally show the result:

Stay tuned

Sign up to the waiting list if you didn’t yet, we’ll keep you up to date, as more as we can.
This is just a sneak peek of what we are working on, we are *very* alive and iubenda is moving fast.

What you see on the shots is not live yet, it’s still WIP, but we think you deserved a preview

The post A brand new version: sneak peek appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.

• We closed a seed investment of $100,000 with the top Italian investors
• Today some major websites start using iubenda, making us reach some millions final users a month
• Today we release a new invitation system and a public waiting list for entering the upcoming beta
• On July 1st, the top 30 users coming from the waiting list will have the honor to enter the private beta (reserved to Italian users, but we can make some exceptions)

But what is iubenda?

iubenda allows anyone to generate a Privacy Policy for his website, something like this.

We aim to be the Creative Commons of Privacy Policies, our Privacy Policy can be embedded on any website (after a bit of customization) and our goal is to reach the footer of every website in the world.

Millions of final users from day one,
thanks to our Partners

We partnered with some major italian websites for having millions of final users exposed to our Privacy Policies, starting from the first day of launch. Our great partners, using today our privacy policy, are startup.wikli.it, www.fanpage.it, www.ninjamarketing.it, blog.tagliaerbe.com (for the Non-Italian readers: these are the most prestigious websites in Italy where a web startup can appear!).

We also thank our investors: Digital Investment SCA SICAR (advised by dPixel, with Gianluca Dettori as chairman and our mentor), Andrea Di Camillo (Vitaminic, Banzai) and Marco Magnocavallo (Blogo). Their profile is amazing and we are lucky to have them on board. There’s also our friend Stefano Bernardi, with a micro investment.

Do you want a privacy policy like this? Join the private beta!

Today we open the private beta signups. You have a few ways to enter the beta before the others, and to raise your position on the waiting list. Discover them here.

If you want, you can read more about our product on the “how it works” page.

Andrea Giannangelo,
Founder and Chairman of iubenda

For the press:

• Press Release: http://www.iubenda.com/var/iubenda-pr-06102011.pdf
• Press Kit: http://www.iubenda.com/var/iubenda-presskit-en.zip

The post Announcing seed investment, new invitation system, beta invitations from July 1st appeared first on Compliance Solutions for Websites, Apps and Organizations | iubenda.