Normally, when a site visitor goes to a web site that loads a font or image, etc, from another web site, that visitor's IP address is sent to those sites so that they can monitor who and where the demand is coming from. The phrase "No such thing as a lunch" bears home here, because the "free" service can be considered a monitoring service or as a potential way to fund growth based on users of the service. Before GDPR, we were not too bothered by this issue, but post GDPR, it is one of the main issues being taken very seriously by many.
At the centre of the current debate about how best to make a web site GDPR compliant, is that when an external call to a font, video, image or icon service is made, whether the web sites visitors IP address sent to these sites, can identify the user. It is undeniably, one piece of the identity puzzle and your service provider can certainly identify you from your IP address. You then depend on your service provider protecting your data and unfortunately every country has one or more examples of huge data breaches, e.g. in the UK, the service provider TalkTalk. The Court of Justice of the European Union has held that IP addresses are "personal data" in certain circumstances as documented here. This topic is often debated and is often denied by those who have a dependancy on external calls or have a degree of work to do to avoid external calls.
However, this debate is somewhat irrelevant, because it is web site visitor who will decide what's safe and what is not safe. The last thing that any web site owner wants, is for a visitor to consider a web site unsafe or non compliant, by demonstrating an ineffective privacy policy, and as a result, decline to visit that site. This applies worldwide and will will become more relevant as the world continues to tighten up on privacy and data protection and more scare stories emerge about data breaches and data misuse.
The solution taken by this web site is simple. I.e. avoid all calls to other web sites so that there is no grey area whatsoever. If you are building sites for others who may not fully understand the issue, the grey area needs to be avoided, because you don't want them coming back to you accusing you of building a non compliant web site.
Contact forms can sometimes put visitors off. Why so many questions, when all I want to do is make contact? Why do I have to enter my name, etc.? Did the form send because I missed the "Checkbox tick" warning? The contact process on this GDPR demo web site, at the bottom of this page, has been stripped back and made as simple as possible. In addition, it transfers the form filling to the visitors email system which they will feel more comfortable with and consequently, feel more in control of their information.
Alternatively, any suitable well designed GDPR friendly contact form can be used inside the contact section to replace the obfuscated email link.
The email address link displayed is an obfuscated email, i.e. it is very difficult for an email gathering bot to read and steal. There are many free web services you can use to obfuscate your contact email address such as the one linked to using the button below.
Below is a brief example of how Cookies can be displayed and how they can be set from within any page to tailor a users Cookie preference (if they have a preference). It demonstrates to customers that they are in control of cookies and the sometimes confusing topic of cookies, is visible to see what happens if they are enabled or disabled.
All icons in this section are Font Awesome 5 medium weight icons. Make your site look different by using FA5 icons. These FA5 symbols on circles can link elsewhere.
All icons in this section are Font Awesome 5 medium weight icons. Make your site look different by using FA5 icons. These FA5 symbols on circles can link elsewhere.
All icons in this section are Font Awesome 5 medium weight icons. Make your site look different by using FA5 icons. These FA5 symbols on circles can link elsewhere.
Google Fonts are used and are loaded locally into RW Resources. Quick and easy to do and no external calls are made to Google Fonts. Any Google Fonts can be used in this way.
The Unsplash image used at the top of this page, is loaded locally, so no remote call is made to download the image.
Uses highly configurable cookie manager to allow users to decide what to show or disable depending on cookie choices.
HTTP referrers headers are stopped for all requests (good practice advice from Swedish government Webkoll - use checker button below).
We have a very simple data and privacy policy which is that we will not send any information about you to anyone else. If you would like to contact us, please use the button below labelled I Agree, to show that you agree with our Privacy Policy. To view our short easy to read and understand privacy explanation, just click on the link below. Sorry, but to comply EU law, we have to show this message.
I agree with this web sites safe data & privacy policy, which I can view here.
Simply click the email address below or copy it into your email system, to contact us.
Tel 01234 567890
Webdeersign Project 15 for FOUNDATION