GDPR, website privacy and technical compliance

GDPR compliance for websites, companies and digital projects

We review your website, prepare or coordinate the necessary legal texts and implement the technical side of GDPR: forms, cookies, newsletters, ecommerce, digital providers and legal notices.
For companies, self-employed professionals, academies, ecommerce businesses and digital projects that want to adapt their website with legal, technical and human criteria.
The problem

Copying legal texts or generating them with AI does not make your website GDPR-compliant

Today it is very easy to ask an AI, Google or an online template to generate a legal notice, a privacy policy or a cookie policy. The text may look correct, sound professional and fill several pages. But that does not mean it truly protects your business or that your website is complying with what it says.

GDPR is not just about having nice-looking texts. It is about those texts accurately explaining what happens on your website: what data you collect, what you use it for, which tools are involved, which cookies are loaded, which providers receive information and what rights the people who contact you have.

An automated legal text can give you a false sense of security

If your privacy policy says one thing, but your forms, cookies, newsletter, ecommerce or external tools do another, the problem remains. That is why we do not work with generic texts disconnected from the technical reality of your website.


What we review

Real GDPR compliance must look at what happens inside your website

Legal texts

We prepare or review the legal notice, privacy policy, cookie policy, contracting terms, terms of sale and specific texts depending on the type of project.

Forms

We review contact, quote request, booking, registration, support, download, lead magnet and newsletter forms so they provide proper information before collecting data.

Cookies and consent

We review the cookie banner, accept, reject and configure buttons, categories, prior blocking of non-essential cookies, cookie policy, analytics scripts and advertising pixels.

Newsletter and email marketing

We review sign-ups, consent, double confirmation when appropriate, unsubscribes, email marketing provider, segmentation, automations and connections with WordPress, WooCommerce, LearnDash, Moodle or CRM.

Ecommerce and payments

We review checkout, terms of sale, returns policy, right of withdrawal when applicable, customer accounts, orders, transactional emails, billing and payment providers.

Digital providers

We review hosting, analytics, CRM, calendars, chats, payment gateways, course platforms, SaaS tools, automations, AI and external services that may process personal data.
What it is

We adapt the legal and technical side of your website

At Kademar, we review your website as a complete system. We do not only check whether there is a “Privacy Policy” page. We also review forms, cookies, scripts, external tools, newsletters, ecommerce, hosting, automations and digital providers.
Our goal is for the visible part, the technical part and the legal texts to be aligned with what your project actually does.
Legal part
Legal notice, privacy policy, cookie policy, terms of sale, information clauses, rights, purposes, lawful basis and providers.
Technical part
Forms, checkboxes, cookie banner, script blocking, legal links, integration with newsletters, ecommerce, CRM, analytics and external tools.


GDPR in the AI era

AI can help you write, but it cannot know by itself how your business works

An automatic generator can draft a convincing privacy policy. But it cannot, by itself, audit which plugins you have installed, which cookies your website loads before consent, which forms send data to third parties, which automations you have created or which providers are actually involved in your operations.

That is why, in the age of AI, automatically generated legal texts are not enough. The difference lies in reviewing the real case, understanding the data flow and adapting the website to what actually happens.

 “It is not about having a privacy policy that sounds good. It is about making sure your website does what that policy says.”

Value packages
Web hosting plans according to the type of project
Choose a fast and secure foundation for your corporate website, WordPress site or online store. If you are not sure what you need, we help you choose the right plan without oversizing.
  • Companies with a corporate website and contact forms.
  • Freelancers and professionals who attract clients through their website.
  • Academies, trainers, and memberships with students, leads, or newsletters.
  • Online stores with WooCommerce or other ecommerce systems.
  • Projects that use cookies, analytics, pixels, or campaigns.
  • Businesses that have added plugins and tools without reviewing the legal impact.
  • Companies that handle sensitive documentation or customer data.
  • WordPress, Oxygen Builder or WooCommerce websites, or custom developments.


Kademar difference

We are not an automatic legal text generator

Kademar does not simply hand you generic documents. We review your real website, your forms, your tools, your cookies and your digital processes. Then we help you implement what is needed so the legal side and the technical side are coherent.

Technical vision

We understand WordPress, WooCommerce, forms, cookies, scripts, hosting, CRM, email marketing and external tools.

Coordinated legal vision

We prepare or coordinate legal texts adapted to each case, without relying on generic copies or disconnected templates.

Real implementation

We do not just give you a document. We can apply the necessary changes to the website so compliance becomes operational.
Value packages
Web hosting plans according to the type of project
Choose a fast and secure foundation for your corporate website, WordPress site or online store. If you are not sure what you need, we help you choose the right plan without oversizing.
  • Companies with a corporate website and contact forms.
  • Freelancers and professionals who attract clients through their website.
  • Academies, trainers, and memberships with students, leads, or newsletters.
  • Online stores with WooCommerce or other ecommerce systems.
  • Projects that use cookies, analytics, pixels, or campaigns.
  • Businesses that have added plugins and tools without reviewing the legal impact.
  • Companies that handle sensitive documentation or customer data.
  • WordPress, Oxygen Builder or WooCommerce websites, or custom developments.


Process

How we handle GDPR compliance

Step 1
We review your website
We analyse forms, cookies, external tools, current legal texts, newsletters, ecommerce, digital providers and technical structure.
Step 2
We detect risks and gaps
We tell you what is missing, what is not aligned, what should be corrected and which parts require a more specific review.
Step 3
We prepare or coordinate the legal texts
Depending on the case, the necessary legal texts are prepared or the review is coordinated with a specialised legal profile.
Step 4
We implement the technical side
We configure forms, links, banners, cookie blocking, legal pages, checkboxes, newsletters and the necessary adjustments.
Frequently asked questions

Frequently asked questions about website GDPR compliance

The GDPR is the European Union's General Data Protection Regulation. It governs how personal data must be processed and what information people must receive when a company, professional or organisation collects their data.

It is not recommended. Each website collects data differently, uses different tools, payment gateways and, above all, different cookies. Copying legal texts may cause you to provide incorrect information, omit providers or declare processing activities that do not match your case. This means you are not properly covered, you are failing to comply with the law and you expose yourself to possible sanctions.

You can use them as a starting point, but not as the final compliance setup. An automatically generated text does not review your real website, your cookies, your forms, your providers, your automations or your internal processes. If the text does not match what your website actually does, it does not truly protect you.

Yes, if the website collects personal data through forms, comments, ecommerce, newsletters, analytics, cookies, pixels, bookings or external tools.

No. The banner is only one part. You also need to review which cookies are loaded, when they are loaded, how users are informed, and whether the accept, reject and configure options are set up correctly.

Non-essential cookies that require consent must be managed so the user can decide before they are installed. That is why an informational notice is not enough if the website is already loading non-essential cookies.

Yes. When personal data is collected, users must receive clear information about who processes the data, for what purpose, what the lawful basis is, whether there are recipients or transfers, and how they can exercise their rights.

It is not always mandatory as the only method, but it is usually recommended because it helps prove that the person actually requested the sign-up. The important thing is to be able to demonstrate a valid basis for sending communications.

You need to review how they are configured, what data they collect, whether they require consent, which provider is involved and whether there are contracts, safeguards or international transfers that must be taken into account.

Yes. We can review terms of sale, checkout, privacy, cookies, payment gateways, transactional emails, customer accounts, orders and forms.

Not necessarily. If you change tools, add forms, install new plugins, activate campaigns, add pixels or modify processes, it is advisable to review the compliance setup.