Streaming live at 10am (PST)

Confused! GDPR / Privacy Policy / Cookies / Webflow Data Processing Agreement / Privacy Shield

OK…I have read the different posts on this but I´m confused! Can someone please help clarify these steps?? :slight_smile:

  1. I create a website in Webflow for a client in the European Union (I´m also based in the EU)
  2. I add a pop-up cookie notice on the website, asking for permission to use cookies.
  3. Add a link to a Privacy Policy document - where do I get a privacy policy from?
  4. The default option should be to ´opt out´.
  5. Using Google Analytics on the site is fine, as this is anonymous. Is this a correct statement?
  6. The client needs to request the Webflow Data Processing Agreement to sign. What is this document?!
  7. I disable form collection information within Webflow, only the client should see this info (sent to their own personal email)
  8. Do I need to link the Webflow Privacy Shield on the website? And what on earth is this?!

RE: cookie bar: do I also need to add something like “your data will be sent to servers in the USA” ?

Is there a preferred Webflow solution / widget for this? I know @PixelGeek did a youtube video on modal pop-ups. And there are 3rd party ´cookie pop up generators´. What do people use??

Sorry for the long list!!! I´m just trying to make sense of it all.

After doing all those things, does this make me GDPR compliant?


How are other Webflow users creating their pop-up cookie bars? 3rd party widgets´ or designing from scratch in webflow?

Also, if anybody can help with points 3, 6 and 8 that would be great!


OK…looks like I´ll work it out on my own!!


Hey Terry!

glad to read that you´ve figured it out!
Quite a task to deal with the legal issues! :slight_smile:

May I ask you to share your approach to this, basically thow you have solved it by yourself? :wink:
I am just starting out with Webflow and obviously, GDPR is something to look at. :-/

Many thanks in advance!

Hi @TerryHibbert,

I use for all my website. It’s a breeze to add to your website and comes with the legally required functions such as consent log, cookie declaration, deny all cookies and has support for multilang it does add a small cost, they have an agency reseller plan for 37,95 EUR if my memory is right.

3- The privacy policy is more complicated. There are a ton of free models on the internet ( check, you can have one with a free account ). But to what I know none of them explains what’s the privacy shield and SCCs. We hired a lawyer to redact it.

6- Not sure about that. I did sign it as an agency but Webflow has not been clear if our clients also need to sign said DPA. I think they need too. But it’s their responsibility to ask for it.

8- hyperlinking it in your privacy policy could be recommended.

Disclaimer: I’m not a lawyer, everything said above is not an official legal advice and cannot be used in a court of law.