GDPR
General Data Protection Regulation
The General Data Protection Regulation is a regulation of the European Union that governs the processing of personal data by companies and is standardized throughout the EU. It protects EU citizens against the misuse of their personal information. It has been valid since 27.04.2016, and violations have been punished with penalties since 25.05.2018. For this reason, companies that are based in the EU or want to sell in the EU face new challenges.
This also applies to website operators, who must ensure that the new laws are complied with.
- Visited website: smart-media.design
- Your browser
- Your operating system
- Your language and country: en-US
- Your IP address: 18.234.247.75 / ec2-18-234-247-75.compute-1.amazonaws.com
- Your browser window size
The IP address is personal data, as it is dynamically assigned by the provider. However, this only applies to IPv4 addresses. With the new IPv6 addresses, an address is no longer assigned dynamically; instead, the address assigned once is kept permanently. In addition, if a user logs in after registering, or places an order and enters their address, the IP address can be linked to a unique person and their address at that time, without having to ask the provider.
This can be avoided by masking the IP address through a proxy or a VPN. Another IP address is placed in front of your own, so your own IP address remains hidden.
What is an SSL / TLS certificate
An SSL / TLS certificate encrypts the communication channel between two computers, so the data cannot be read by third parties. SSL / TLS certificates are available in different security levels and price classes. The certificate is issued by an official certification body, the Certification Authority (CA).
There are 3 types of SSL / TLS certificates:
1. Domain Validation
It checks whether the applicant has technical access to the domain he has specified.
2. Owner validation
The applicant must prove the existence of the company, for example by a certificate of registration or a trade license.
3. Extended Validation (EV)
This variant is subject to the strictest issuing guidelines. In addition to the extract from the commercial register, detailed information on the company, such as the business headquarters and contact person, is required. The visitor recognizes a page secured in this way by a green address bar.
Advantages of an SSL / TLS certificate
- Better Google ranking
- Secure data transfer with up to 256-bit encryption
- Greater trust through advanced validation
General Data Protection Regulation
The GDPR clearly defines SSL / TLS certificates. Any website that has a form must be protected by an SSL / TLS certificate, so SSL / TLS certificates are now an integral part of websites.

Forms are input or selection fields embedded in a web page that send data to the server. They allow quick and easy contact to be established. To continue the contact after it has been established, the data sent are mostly personal data.
To prevent attacks, forms should be protected by a CAPTCHA. This makes it difficult for a computer program to submit the form.
Example of a form
This form is validated on the server side to properly represent the example. The data sent are neither stored nor answered and serve only for demonstration.
Frontend validation
General Data Protection Regulation
The GDPR clearly defines the handling of forms. Each form needs explicit approval of the privacy policy. To do this, each form must have a checkbox that links to the privacy policy. The form may only be submitted and processed if the checkbox has been explicitly activated. This must be validated in the backend, as the frontend validation can be disabled.
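The backend check described above, as an added example that is not code from the original page: a server-side validator for a urlencoded form submission that rejects any request lacking the explicit consent value, whatever the frontend did. The field names and the checkbox value "on" (the browser default when no value attribute is set) are assumptions for this example.

```python
import re
from urllib.parse import parse_qs

# Assumed field names for this example; the page does not name its form fields.
CONSENT_FIELD = "privacy_consent"
REQUIRED_FIELDS = ("name", "email", "message")
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def validate_submission(raw_body):
    """Check a urlencoded POST body on the server; return (accepted, errors)."""
    # keep_blank_values=True so "field=" shows up as present but empty.
    fields = parse_qs(raw_body, keep_blank_values=True)
    errors = []

    for name in REQUIRED_FIELDS:
        values = fields.get(name, [])
        if len(values) != 1 or not values[0].strip():
            errors.append(name + ": missing, empty or duplicated")

    email = fields.get("email", [""])[0].strip()
    if email and not EMAIL_RE.match(email):
        errors.append("email: invalid format")

    # A browser omits an unchecked checkbox from the body and sends "on" for a
    # checked one without a value attribute. Require exactly one "on"; a
    # missing, empty, "off" or repeated field counts as no consent.
    if fields.get(CONSENT_FIELD, []) != ["on"]:
        errors.append(CONSENT_FIELD + ": privacy policy not accepted")

    return (not errors, errors)


if __name__ == "__main__":
    # Constructed sample bodies: checkbox ticked, left unticked, and a
    # hand-built request that never passed through the frontend checks.
    base = "name=Ada&email=ada%40example.org&message=Hello"
    for body in (base + "&privacy_consent=on", base, base + "&privacy_consent=off"):
        print(validate_submission(body))
```

Only a submission for which the function returns accepted should be passed on to storage or mail handling.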
A privacy policy describes how data is processed: how the data is collected, how it is used, who has access to it, and how long it is stored.
It also describes how to ensure the privacy of users.
What must be included:
- Party responsible for the site
- Rights of the persons affected
- Purpose of data processing
- Capture of information
- Notice of change of privacy policy
Optional (if available):
- Contact form
- Cookies
- SSL / TLS encryption
- Data Protection Officer
- Third party integrations
- Opt-out
Data is usually stored in a database so that it can be retrieved quickly and in a specific context. Personal data must be stored encrypted, that is, unrecognizable. If third parties gain access to it, they cannot read it.
General Data Protection Regulation
Personal data must be stored in encrypted form.