diff --git a/cheat-sheet.md b/cheat-sheet.md index 1f4d13f..bc39769 100644 --- a/cheat-sheet.md +++ b/cheat-sheet.md @@ -168,7 +168,7 @@ This **Data Protection Cheat Sheet** cannot address individual cases and does ** * [ ] **Important**: Analytics tools that store personal data in the USA are not GDPR compliant since 2020 after the Schrems II ruling! This includes, among others, **Google Analytics** and **Jetpack**. * [ ] Weigh up which analytics tool appears suitable in consideration of the data economy principle. * [ ] Weigh up whether there is a processing reason according to Art. 6 para. 1 lit. b - f GDPR or whether prior consent should be obtained according to Art. 6 para. 1 lit. a. -* [ ] If cookies are stored, inform about it via a cookie banner and provide opt-out function. +* [ ] If cookies are stored, inform about it via a cookie-banner and provide opt-out function. * [ ] Legacy data that exceeds the maximum processing time must be deleted manually. * [ ] **Google Analytics**: Complete DPA, set minimum processing time (14 months), turn off targeting features, pseudonymize IP addresses. * [ ] **Matomo/ Piwik**: Conclude DPA with web hoster, pseudonymize IP addresses, set retention period. 
@@ -180,8 +180,8 @@ This **Data Protection Cheat Sheet** cannot address individual cases and does ** * Privacy-compliant alternatives include [Fathom](https://usefathom.com/) and [Plausible](https://plausible.io/) (both paid, free for self-hosting). Both do not store any personal data and do not set any cookies. Plausible also offers a [WordPress plugin](https://github.com/plausible/wordpress) for integration. * DPA with Google Analytics does **no longer** need to be in writing - can be concluded with a few clicks. * Integration of GA or Matomo if possible by plugin, to avoid errors. -* For the cookie banner, the opt-out method is currently sufficient, as the GDPR does not explicitly regulate cookies. The opt-in is generally viewed quite critically at the moment. -* **WP Plugin**: [Borlabs Cookie](https://de.borlpara.io/borlabs-cookie/) (cookie banner & 2-click solutions, paid). +* For the cookie-banner, the opt-out method is currently sufficient, as the GDPR does not explicitly regulate cookies. The opt-in is generally viewed quite critically at the moment. +* **WP Plugin**: [Borlabs Cookie](https://de.borlpara.io/borlabs-cookie/) (cookie-banner & 2-click solutions, paid). ### Marketing Tools (e.g. Google Ads, Affiliate Networks) 
@@ -414,7 +414,7 @@ This **Data Protection Cheat Sheet** cannot address individual cases and does ** * [ ] Imprint and privacy policy should be easily accessible from every subpage of the website (common practice: in the footer menu)! * [ ] Imprint and privacy policy should be accessible separately on two subpages. -* [ ] As soon as mandatory information is covered (e.g. by a cookie banner), it is treated as "non-existent", unless both links are made accessible in the cookie banner. +* [ ] As soon as mandatory information is covered (e.g. by a cookie-banner), it is treated as "non-existent", unless both links are made accessible in the cookie-banner. * [ ] Even a "white page" or construction site page usually requires this mandatory information! * [ ] Even **freely accessible** login and registration pages must contain this mandatory information. @@ -445,7 +445,7 @@ This **Data Protection Cheat Sheet** cannot address individual cases and does ** #### Implementation Advice -* The best way to implement cookie banners in WordPress, set 2-click solutions and block scripts before consent is [Borlabs Cookie](https://de.borlpara.io/borlabs-cookie/) (paid). +* The best way to implement cookie-banners in WordPress, set 2-click solutions and block scripts before consent is [Borlabs Cookie](https://de.borlpara.io/borlabs-cookie/) (paid). ### Imprint
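Review bot: The hyphenated spelling "cookie-banner" introduced in the `@@ -168` hunk, and repeated in the `-180`, `-414` and `-445` hunks (including the plural "cookie-banners"), does not match how the surrounding unchanged lines write noun compounds: "analytics tool", "privacy policy", "footer menu" and "retention period" are all left open. Either keep "cookie banner" or state the style rule this change follows, so the sheet does not end up with a single hyphenated compound among open ones.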
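Review bot: In the `@@ -180` hunk, the bullet "the opt-out method is currently sufficient, as the GDPR does not explicitly regulate cookies" is edited for spelling only, yet its guidance rests on "currently" and "at the moment" with no date or source, so a reader cannot tell when it was last checked. Since the line is being touched anyway, add the date of the assessment or a reference next to it.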
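Review bot: The Borlabs Cookie link in the `@@ -445` hunk, and the same URL in the `**WP Plugin**` line of the `-180` hunk, points at the host `de.borlpara.io`, which does not match the product name "Borlabs" in the link text; both hunks carry it unchanged from the removed line to the added line. Verify the link target and correct the host in this patch, because a mistyped domain in a compliance checklist sends readers to whatever is registered under that name.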