Skip to content

4 features to get your website GDPR-ready

Have you noticed a flurry of Privacy Policy and Terms of Service updates filling your inbox? A significant increase in websites asking you to accept their cookie policies (and they aren’t offering you baked goods)? The European Union recently released new rules regarding data privacy which come into effect May 25th, 2018.

As a business owner, you may need to follow suit to ensure your website is compliant.

What’s GDPR?

The General Data Protection Regulation (GDPR) aims to protect EU citizens from privacy and data breaches. Under this new regulation, citizens of the EU are given the right to knowledge and transparency into what personal data is collected and how it is stored. Further, they have the right to have their information removed from your database.

Why does it matter?

For those of you thinking “My business isn’t located in the EU, this regulation won’t apply to me.”  


Regardless of the location of your business, if your website obtains site visitors from the EU, you will be affected by the GDPR. Fortunately, we’ve released a variety of features to help get you started.  

Where do I start?

Create a Privacy Policy
Per this new regulation, businesses with EU traffic are now required to:

  • Have a Privacy Policy
  • Ensure the Privacy Policy is written in clear and concise language
  • Make your Privacy Policy easily accessible from your website

Don’t have a Privacy Policy? No problem. We have a Privacy Policy tutorial to help get you started. Once you’ve created your Policy, add the copy to a page on your website, then link to the page from your footer and your cookie notification banner.

Add cookie notifications
Websites built with Yola use cookies, ensuring optimal browsing for your site visitors. Websites that receive traffic from the EU are required to get visitors’ consent to use cookies.

We’ve released a feature allowing you to customize your own cookie notification and add it to your website. If you choose to add cookie notifications to your website, the notification will display on your website until your site visitor accepts your policy. Learn how to add cookie notifications to your website in this step-by-step tutorial.

Implement user agreement fields to your contact forms
One large aspect to the GDPR is obtaining consent whenever you collect data from your site visitors (including names, email addresses, contact information, etc.). To meet this requirement, all websites with EU traffic must include a field that requires customers to provide consent when they supply this information to you (i.e. contact form, email list sign up, etc.).

We’ve made it easy for your site visitors’ to give their consent through a user agreement field that can be added to your forms to obtain consent. Learn more about user agreement fields here!

Add your Terms of Service to your Online Store
In order for your Online Store to be GDPR compliant, you need to obtain consent to process your customers’ personal data. Our Online Store has the ability to add legal documentation to your checkout flow, ensuring you always have consent while processing orders. Check out our tutorial on adding your Terms of Service to your Online Store.

*Note: The GDPR is a complex regulation to navigate. This guide serves as an aid in ensuring your own compliance and should not be taken as legal advice. If you have questions regarding the GDPR we suggest consulting with an attorney.

16 thoughts on “4 features to get your website GDPR-ready”

    1. Hello Patrician. If you’d like to see whether or not your store is compliant, and to learn more about getting your Online Store GDPR compliant if you haven’t yet done so, please take a look at this page:

      If you have questions about any of the information discussed in the tutorial, please contact us on and we will gladly assist you further.

  1. Sir, I do have a Yola site but no facilities for collecting data and no wish to collect data from visitors to the website. It is a non commercial site and nothing is sold from the site. Am I required to do anything? Thankyou. Trevor Downer.

    1. Hello Trevor, thank you for your question. The safe thing to do, would be to enable the cookie notification on your site. You can learn more about how to do this, by visiting this link:

      If you’d like to add a Privacy Policy to your site, please see this page for more:

  2. How does the EU intend to enforce it’s law’s outside of it’s jurisdiction? Is the USA a party to an existing treaty or has it become party of a treaty that obliges US citizens to obay forgien laws?

    1. Hi Maria,

      Following the suggestions outlined in our post you will see none of them require your customer to reply to a direct email. Rather we help you set up tools to gain their permission prior to them accessing your website and contacting you.

  3. Hello, My Yola website is an advertising forum for a rental property. I don’t collect any information other than a name and email address to allow correspondence, it also gives the option to make payment via paypal which if used again only supplies me with a name but no other information. What is my situation with regard to GDPR?

    1. Hi Ian,

      By using a contact form to capture visitor information such as name and email address you are subject to the GDRP requirements. We recommend you work through the suggestions detailed above.

    1. GDPR applies to people living in the European Union. However, regardless of where you live, if you have customers in the EU you need to comply with GDPR regulations. It is therefore advisable to follow the instructions for GDPR compliant forms regardless of your location.

Leave a Reply