GDPR-compliant website: checklist for German businesses
Essential GDPR requirements for your website: legal notice, privacy policy, cookie consent and secure forms.
Legal notice and privacy policy
Every commercial website in Germany requires a complete legal notice (Impressum) and privacy policy. Missing these pages risks legal warnings — regardless of company size.
Implementing cookie consent correctly
Cookie consent must be actively obtained (opt-in, not opt-out). Technically necessary cookies may be set without consent, but tracking tools like Google Analytics require explicit permission before loading.
Secure contact forms
Contact forms must transmit data over HTTPS, include a consent checkbox, and only request data necessary for the purpose. Do not store IP addresses longer than needed and inform users about data processing.
Avoiding common GDPR mistakes
Common mistakes: loading Google Fonts directly from Google servers (data transfer to the US), embedding YouTube videos without a two-click solution, newsletter signup without double opt-in. At Manotea we integrate all these requirements by default in every project.
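Several items on this checklist can be checked automatically against the HTML a server sends on first load. The Python below is an added example, not Manotea's code: the host lists, the rule names, the reading of `type="text/plain"` as a consent-held script and the reading of "two-click" as "no YouTube iframe in the initial markup" are assumptions, and the sample page is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
# Host lists are assumptions for this example; extend them for your own stack.
FONT_HOSTS = {"fonts.googleapis.com", "fonts.gstatic.com"}
TRACKER_HOSTS = {"www.googletagmanager.com", "www.google-analytics.com"}
VIDEO_HOSTS = {"www.youtube.com", "www.youtube-nocookie.com"}

class GdprAudit(HTMLParser):
    """Collects (rule, detail) findings from the markup sent on first page load."""
    def __init__(self):
        super().__init__()
        self.findings, self._form = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = a.get("src") or a.get("href") or ""
        host = urlparse(url).hostname or ""
        if tag in ("link", "script") and host in FONT_HOSTS:
            self.findings.append(("google-fonts-remote", url))
        # type="text/plain" scripts are inert; treated here as held back until opt-in.
        if tag == "script" and host in TRACKER_HOSTS and a.get("type") != "text/plain":
            self.findings.append(("tracker-before-consent", url))
        # Assumption: a two-click embed ships no YouTube iframe in the initial markup.
        if tag == "iframe" and host in VIDEO_HOSTS:
            self.findings.append(("video-without-two-click", url))
        if tag == "form":
            self._form = {"action": a.get("action") or "", "consent": False}
        if tag == "input" and self._form and a.get("type") == "checkbox" and "required" in a:
            self._form["consent"] = True

    def handle_endtag(self, tag):
        if tag == "form" and self._form is not None:
            action = self._form["action"]
            if action.lower().startswith("http://"):
                self.findings.append(("form-not-https", action))
            if not self._form["consent"]:
                self.findings.append(("form-no-consent-checkbox", action))
            self._form = None

def audit(html):
    parser = GdprAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page, not taken from any real site.
SAMPLE = """<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Inter">
<script src="https://www.googletagmanager.com/gtag/js?id=G-EXAMPLE"></script>
<iframe src="https://www.youtube.com/embed/VIDEO_ID"></iframe>
<form action="http://example.com/contact"><input name="email"><button>Send</button></form>"""
```

Calling `audit(SAMPLE)` returns one finding per problem in the sample page. The check only sees static markup, so resources that scripts inject at runtime still need a browser-based test.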