DIETERVOM10ER

Yes, every website operator must have a privacy policy.

This obligation arises from GDPR. According to this, anyone who processes personal data must inform the data subjects about the details of the processing.When a website is accessed, at least the IP addresses of the website visitors are automatically forwarded or stored and thus processed. Since IP addresses are already considered personal data, the obligation to provide a privacy policy therefore applies to every website operator. 

A privacy policy must provide website visitors with comprehensive information about which of their data is processed and what happens to it.

A privacy policy should contain the following information:

• The responsible body and contact information for inquiries and complaints
• Type and purpose of the processed data
• the legal basis
• Recipient of the data
• the storage period
• Transfer to a third country
• the use of cookies and tracking technologies
• the option to withdraw consent
• the rights of data subjects (e.g. access, rectification, erasure)

The privacy policy must be precise, transparent, in an easily accessible form and in clear and simple language so that data subjects can understand how their data is processed.

A privacy policy must be individual and provide complete information about all data processing operations on the website. It must also comply with the current legal situation, be formulated in appropriate language and be correctly incorporated into the website.

With DIETER simple and targeted questions ensure that all data processing operations on the website are identified and that the data protection obligations are fully met by providing all necessary information. The content and texts are developed and checked by lawyers and data protection officers.

Ideally the privacy policy should be viewed as an ongoing process that is constantly adapted to the current circumstances, whether on the part of the website or the legal situation, adapted.

When DIETER creates a privacy policy, all necessary information is collected by asking simple questions.

In concrete terms, this means that you click step-by-step through questions that in most cases can be answered with yes or no. For example: Do you offer a newsletter?

By asking clever questions and offering a wide range of predefined services, DIETER ensures that all mandatory information is included in the privacy policy. 

No specialist or prior knowledge is required to answer the questions.

The result is a complete document that contains all the necessary information and can be integrated directly into the website.

The privacy policy can be adapted again and again and thus react flexibly to actual or technical changes. DIETER always keeps an eye on legal changes and always provides you with the latest legally compliant version.

Consent is required for the use of digital tools and external third-party services. Tools are e.g. Google Analytics, Google reCAPTCHA, Google Maps, YouTube videos or live chats. Newsletter providers or cloud services are, for example, services provided by external providers.

Here is a selection of the services we already offer. You can order additional services individually via the app and we will add them to your privacy policy free of charge within a week. At the same time, the database grows for everyone:

Hetzner, E-Mail, Intercom, Hubspot, Calendly, Eventbrite, Google Forms, Borlabs Cookie, Wix, Mailchimp, Mailchimp, Google Analytics, Social-Media-Elemente mit Shariff, Vimeo, Zoom, Bonitätsprüfung, Digistroe24, Billbee, Alfahosting, Telefon, Hubspot, Strato, Acuity Scheduling, Ticketmaster, Typeform, Cookiebot, webflow, MailJet, MailJet, Matomo, Facebook, Google Fonts, ClickMeeting, Stripe, CopeCart, Merchize, Automattic, Kontaktformular, crisp, Sendinblue, eTermin, Eventix, Jotform, ConsentManager, IONOS, Active Campaign, Active Campaign, LeadLab, Twitter, Adobe Fonts (Typekit-Schriftarten), TeamViewer, PayPal, ClickBank, Printify, DomainFactory, Chat, GetResponse, mailchimp, jameda, Squarespace, Formspree, Osano, DomainFactory, Clevereach, Clevereach, Youtube, Instagram, Font Awesome, Skype for Business, Apple Pay, UpPromote, Teeinblue, Host Europe, Chatbots, Userlike, WordPress, Doctolib, pretix, msforms, Cookie Notice & Compliance, Jimdo, CleverElements, CleverElements, google Maps, Tumblr, MyFonts, GoToMeeting, Google Pay, Shopify Collabs, Packlink Pro, IONOS, Whatsapp, Shopify Inbox, Contact Form 7 WordPress Plugin, YouCanBook.me, elopage, Forminator (WordPress Plugin), Complianz, webgo, Klick-Tipp, Klick-Tipp, google conversion Tracking, LinkedIn, OpenStreetMap, Microsoft Teams, Klarna, AfterShip Affiliate, Mittwald, Telegram, DIVI for WordPress, Google Calendar, Meetup, WIX Forms, Pixelmate, STRATO, Rapidmail, Rapidmail, Google Ads Remarkerting, XING, Google reCAPTCHA, Google Hangouts, Paydirekt, Amazon Partnernet, Raidboxes, Shopify, timify, Edkimo, GDPR Legal Cookie by Shopify, GoDaddy, Sendinblue, Sendinblue, Google Tag Manager, Pinterest, hCaptcha, Google Meet, Sofortüberweisung, Tapfiliate, Squarespace, Jimdo, microsoft bookings, Lamapoll, CCM19, weebly, GetResponse, GetResponse, Google Ads, YouTube, Fiendly Captcha, Webex, Amazon Pay, Strato, Wix, BookingPress, Webflow Forms, Real Cookie Banner, Squarespace, MailerLite (wird als Hoster erkannt?), MailerLite, Google AdSense, Amazon Music, Wordfence, Whereby, Giropay, webflow, Jotform, cituro, intercom, Usercentrics, wordpress, Quentn, Quentn, Google DoubleClick, Apple Music, iThemes Security, Discord, Shopify Payment, webgo, Tellscale, simplymeet.me, pollunit, Wix, Shopify, Zoho Campaigns, Zoho Campaigns, Meta Pixel, Spotify, Ninja Firewall, American Express, WIX, Forminator (WordPress Plugin), EASYklaviyo, Ionos, Cargo, ConvertKit, ConvertKit, Hotjar, TikTok, SoundCloud, Mastercard, Amazon Web Services, IONOS, Hubspot, Squarespace, Typo 3 Cookie Consent , Webnode, MailPoet, MailPoet, etracker, Storyban, Spotify, VISA, Google Firebase, Wedabor, Start Booking, n8n, Squarespace, FunnelCockpit, Inxmail, Inxmail, IONOS WebAnalytics, Discord , Zendesk, Unionpay, Shopify (nur über Baukasten), WPForms, GoHighLevel, KlickTipp, Eigene Entwicklung , GetResponse, Postwerbung, Postwerbung, WP Statistic, tawk.to, WooPayments, Jimdo, GoDaddy, Setmore, GoHighLevel, Shopware, All-inkl., Customer.io, Customer.io, Squarespace Analytics, Tidio, Laybuy, Cargo, Squarespace, Fitogram Pro, Tripetto, Pixieset, One.com, The Newsletter Plugin, sendGrid, Hotjar (doppelt?! Siehe K14), Userlike, Afterpay, WordPress (nur über Baukasten), Elementor, Simply schedule appointments, GDPR Cookie Compliance (WP Plugin) , Webador, Wix, Google mail, etracker, Zapier, Wix Payments, GoDaddy, Shopware, Strato, Adobe Portfolio, Listmonk, Wix, IONOS WebAnalytics, ManageWP, Mollie, weebly, Pixieset, Pandectes GDPR Compliance, Google sites, IONOS, IONOS, WP Statistic, Webinaris, Funnelcockpit, All-inkl., CookieYes, Webspacy, Shopify, WordPress, Squarespace Analytics, Webinarjam, Netcup GmbH, webflow, iubenda Cookie Solution, Perspective, Klaviyo, Zendesk, Microsoft Clarity, Site Search 36ServMedia, eigene Entwicklung, Trew Knowledge, Pixieset, EmailOctopus, Joomla, Mautic, Clearbit, All-inkl., FunnelForms, Nuxt Cookie Control, Wordlsoft Business Suite, Hubspot, Shopify, Evalanche, Storylane.io, One.com, WebConnector, Adobe Portfolio, durable, Beehiiv, Uberspace, Facebook Conversion API, Gwolle Guestbook, netz-haut, durable, Shopify, make, Weebly, Shopware, Facebook Custom Audiences, YouTube, Webador (nur über Baukasten), Adobe Portfolio, FunnelCockpit, United Domains, Squarespace, Oracle responsys, LinkedIn Insight Tag, Bunny Fonts, Adobe Portfolio (nur über Baukasten), Contao, OneTrust, Framer, WordPress, Klaviyo, Criteo, Google Maps, Webspace4all.eu, Personio, Consentmo GDPR, Checkdomain, FunnelCockpit, Amazon SES, Outbrain, SliceWP, Biohost, EASYonepage.io, Hostinger, Pipedrive, Emailoctopus, Pinterest-Tag, WPLoyalty, Uberspace, Formspark, Vitals, GoHighLevel, Flodesk, EASYVG Wort Zählpixel, komoot, Greensta, Formspree, CookieRobot, Canva, Hubspot, FunnelCockpit, judge.me, RockingHoster Deutschland, n8n, devowl.io, iCloud, Cloudflare Analytics, ETranslate, Perspective (nur über Baukasten), Proofox, booqable, New Relic, Bootstrap, Pixieset (über Bauksten), Websitex5, jimdo, Firebase, Weglot, Profihost GmbH, booqable, Webador, Tinybird, HiDrive -Strato, Google sites (nur über Baukasten), United Domains, United Domains, durable, HiDrive – IONOS, United Domains, Weebly, Domain Factory, make, Miro , Vercel, Gravity Forms, Webgo, sentry, Mapbox, Worldsoft (nur über Baukasten), Strato, Vitals, WP Cach Enabler Plugin, durable (über website building), GoDaddy, PostHog, Antispam Bee, make (über BAUKASTEN), Thunderbird, Strato Marketing Radar, Updraft Plus, Cloudflare, Webnode, GA Connector, Cloudflare DNS, Elementor, Fitogram Pro, Plausible.io, Cloudflare Turnstile, ChemiCloud, SiteGround, Framer (über Baukasten), Platform.sh, Monoki, BYTS Tech, MyLoc AG, manitu, Hostinger, WPEngine

We generally recommend having a privacy policy drawn up by an expert. Formal requirements for the author do not exist, however.

The preparation requires a high degree of accuracy and requires numerous different factors to be considered. In addition, current technological developments must be understood in order to correctly capture the dynamic and highly competitive environment of service providers and adequately reflect this in the privacy policy.

The absence of a privacy policy or the existence of an inadequate privacy policy can have serious consequences. This is a violation of applicable data protection regulations (in Germany, in addition to GDPR , the BDSG is also particularly relevant), which can be punished with a fine of up to 20 million euros or 4% of the annual turnover achieved worldwide - depending on which amount is higher.

All companies must meet the requirements of GDPR . This applies regardless of the number of employees and therefore even for sole traders and solo self-employed persons. With Dieter, you no longer have to worry. We take care of everything you need to fulfill your legal obligation.

Warning letters due to GDPR infringements have steadily increased in recent years. This is exemplified by the numerous warnings issued in the summer of 2022 due to the unlawful use of GDPR fonts by Google. Irrespective of the fact that some of these warnings were not lawful, they were based on a decision by the Munich Regional Court in January 2022. In addition, the European Court of Justice (ECJ) ruled at the end of 2022 that consumer associations are generally entitled to issue warnings due to an GDPR infringement. These (and other) court rulings point to further waves of warnings. These could affect all companies that do not comply with their legal obligations.

A GDPR-compliant website is the first step in effectively protecting yourself from warning letters. In 2022, there were already countless warnings due to the unlawful use of Google fonts. Dieter not only takes care of your data protection issues, but also creates your Legal notice.

In Germany, around 85% of all German companies were victims of a cyberattack in 2022. Each affected company incurred average costs of around €20,000 per incident. In addition, around 20% of customers terminate their contracts with affected companies or delete their accounts. The risk of being affected is significantly reduced simply by implementing mandatory technical and organizational measures (TOMs).

Almost all German companies use services from companies (Google, Microsoft, Meta, Amazon, etc.) with which an international data protection contract (SCC/JC) must be concluded. In addition, digital service providers necessarily "receive" personal data from their clients for the service offered. In these cases, it is essential to check whether and with whom so-called data processing agreements (DPAs) need to be concluded. Dieter carries out this check and always provides the correct contract.

79% of Internet users are afraid of "data misuse". And quite rightly so! Because since 2022, personal data has been legally equivalent to a currency. Awareness of this is growing all the time. This data should be just as secure as a bank account. And this is guaranteed by the implementation of GDPR.

Over 2/3 of participants in a study on "Consumer data and data protection" (commissioned by McKinsey & Company) stated that they would no longer want to be a customer of a company that does not protect their data or passes it on without a legal basis, or would no longer work with such a company. It also shows that responsible handling of personal data and compliance with all legal obligations is a clear competitive advantage.

It refers to the fact that everyone has the right to determine for themselves what personal (and therefore very private) data about them is collected, stored and used. It also offers the possibility of preventing abuse, fraud and discrimination. Data protection is therefore an essential part of the (fundamental) right to informational self-determination under the German Basic Law. This right protects the privacy, identity and freedom of every person and is therefore essential for a democratic society. Respecting it should be a matter of course for every company.