Roadmap

Feature requests

Feature requests New Features

Voters 17

  • Avatar
  • Avatar
  • Avatar
  • P
  • Avatar
  • A
  • Avatar
  • + 11 voters
  • Avatar
  • Avatar
  • M
  • Avatar
  • R
  • G
  • Avatar
  • Avatar
  • L
  • M

⚡️ by Upvoty

17

Privacy acceptance mandatory for GDPR compliance

L
 luca

Over the whole EU, to comply with GDPR we should have a privacy acceptance checkbox in the "custom feedback" form

  • 27-07-2023 -
A

Activity Newest / Oldest

M

Marc T.

1. We need "data processing agreement" (not privay policy) for GDPR compliance. As I understand the terms climbo processes data and therefore needs to supply a data processing agreement to be compliant. If we use climbo and can´t provide a dpa we could be fined. For reference:
termly.io/resources/articles/data-processing-agreement/
Template: gdpr.eu/data-processing-agreement/

2. I spoke to a specialised lawyer who told me the following: In order to use the software (Climbo) in a GDPR-compliant manner, the privacy policy must also be accessible, linked and retrievable in the software/app itself with 1 click from all subpages from a data protection perspective. It is not enough to have the privay policy on the main homepage and not in the app/software itself.

3. When our clients' customers come to the review page to leave a review, 3 Hotjar cookies seem to be set without consent (screenshot).

These are issues that should be solved as soon as possible because GDPR compliancy is very important to most of us.

Privacy acceptance mandatory for GDPR compliance

  • Avatar
Avatar

Ramin Adam

this is a must have in whole EU and climbo must consider integrating this with high priority regardless the votes here!

Avatar

Hajo Rappe

I have now also informed myself a little more thoroughly. @Marc T. is right, the privacy policy and an imprint must not only be available on the landing page, but also in the Climbo app, i.e. the software itself, before and after login with just one click. Another big problem is the use of Google fonts, which must be integrated locally and must not be loaded remotely. Google fonts must also be specified in the privacy policy. The use of Stripe must of course also be specified in the privacy policy.
A consent tool (cookie banner) is also necessary, especially if you integrate a tracking code or other tools.
A simple solution would be:
- The local integration of Google Fonts.
- The option for each white label customer to add several of their own links.
- The possibility for each white label customer to add a consent tool script (usercentrics or similar). I have tried it in the custom code field, but it does not load correctly from there.
I look forward to solving this together with the Climbo team and will be happy to help.

  • Avatar
  • M
Avatar

Hajo Rappe

From the programming side, this implementation that I suggested would certainly take no more than 1-1.5 days.

R

FantomasRx

Legal documents must be adapted to the legislation of the country where our company is based.
Concerning the general terms and conditions, the customer must be able to have them in a digital pdf version with the date of the last update.
This document must be attached to the service invoice.
For our part, we have to archive the different versions and e-mail any new versions to our customers, in addition to updating the website.

  • M
G

Giacomo Chinellato

Status changed to: Under review

G

Giacomo Chinellato

Status changed to: Open

G

Giacomo Chinellato

Status changed to: Under review