iubenda makes your business GDPR Compliant

Consent isn’t enough, you need to be able to prove it.

iubenda offers an all-inclusive solution for businesses striving to conform with the GDPR regulations set by the European Union. This includes services from managing consent to processing records, and much more to ensure full compliance. Hellenic Technologies, a Gold Certified Partner, is proficient in integrating iubenda into your website seamlessly, free of charge, provided that you choose one of the subscription plans, which are identical to those listed on iubenda’s website.

Trusted by over 100 businesses in 10+ countries


Find out how we can help you adapt your site or app to the regulations


Websites and apps must always comply with certain requirements imposed by law. Failure to comply with the legal requirements, can result in serious penalties including substantial fines, audits and potential litigation.

For this reason we have chosen to rely on iubenda, a company built on both legal and technical expertise, that specializes in this sector. Together with iubenda, of which we are Certified Partners, we have developed a proposal to offer all our customers a simple and safe solution to their compliance needs.
Privacy and
Cookie Policy
The law obliges each site/app that collects personal data to disclose relevant details to users via dedicated privacy and cookie notices.
Privacy policies must contain certain fundamental elements specific to your particular processing activities, including:
  • the contact and identifying details of the data controller;
  • which personal data is being processed;
  • the purposes and methods of processing;
  • the categories of sources from which consumers’ data is being collected;
  • the legal bases of processing (e.g., consent);
  • the third-parties that may also access the data — this includes any third-party tools (e.g., Google Analytics);
  • details relating to the transfer of data outside the European Union (where it applies);
  • the rights of the user;
  • description of notification process for changes or updates to the privacy policy;
  • the effective date of the privacy policy.
The cookie policy specifically describes the different types of cookies installed through the site, any third-parties to which these cookies refer – including a link to the respective documents and opt-out forms – and the purposes of the processing.
Can’t we use a generic document?
It’s not possible to use generic documents as your policy must describe in detail the specific data processing carried out by your site/app, and must also include the particular details of any third-party technologies (e.g., facebook Like buttons or Google Maps) specifically used by you.
What if my site does not process any data?
It’s very difficult for your site not to process any data. A simple contact form or a traffic analysis system such as Google Analytics is enough to trigger the obligation to prepare and display a privacy and cookie policy.
EU Cookie Law

In addition to providing an easily available and accurate cookie policy, in order to adapt a website to the cookie law, it is also necessary to show an informative cookie banner which links to a detailed cookie policy at the first visit of each user, giving the user the opportunity to either reject or grant consent to the installation of cookies.

Most types of cookies, including those issued by tools such as social sharing buttons, should only be released after the user have provided a valid consent.

Furthermore, many third-party vendor networks may limit ad reach if you do not have a cookie management system that meets industry standards in place — potentially reducing your ability to generate ad revenue.

What is a cookie?
Cookies are small files used to store or track certain information while a user browses a site. Cookies are now essential to the proper functioning of a site. In addition, many third-party technologies that we integrate into our sites, such as simple video widgets or analytics programs, also use cookies.
The process which allows the user to opt-out should be facilitated via a “Do Not Sell My Personal Information” (DNSMPI) link which should be accessible from your notice of collection and elsewhere on your site (best practice would be to also include the link in the footer).
My business is not based in California, do I need to comply with CCPA?
The CCPA applies to most businesses that collect or could potentially collect Californian customers personal information, whether or not the business itself is geographically located in California. Since IP addresses are considered personal information, this likely applies to any website with at least 50,000 unique visits per year from California.
Consent according to GDPR and LGPD

When a user directly enters personal data on a site/app, for example by filling in a contact form, service registration or newsletter subscription, it is necessary to collect consent that is freely given, specific and informed. Under the GDPR, it’s also necessary to keep unambiguous records that allow you to demonstrate that valid consent was collected.

Similar to the GDPR, the Brazilian LGPD also requires the data controller to provide an unambiguous proof of consent, giving evidence that the user’s consent was collected by a valid means.

What is free, specific and informed consent?
You must obtain consent for each specific processing purpose – for example, a consent to send newsletters and another consent to send promotional material on behalf of third-parties. Consent may be requested by setting up one or more checkboxes that are not pre-selected, not mandatory or coerced (freely given) and accompanied by relevant disclosures that make it clear to the user how his or her data will be used.
How can proof of valid consent be demonstrated unambiguously?
A range of information must be collected each time a user fills in a form on your site/app. This information includes a unique user identification code, the content of the privacy policy accepted, a copy of the form submitted by the user as well as a record of the opt-in mechanism used.
Is the email I receive from the user as a result of filling out a form not sufficient as proof of consent?
Unfortunately, it is not sufficient, as some information necessary to reconstruct the suitability of the procedure for collecting consent is missing, such as a copy of the form actually completed by the user and the version of the privacy documents available to the user at the time the consent was collected.
Do I have to comply with the LGPD even if my organization is not based in Brazil?
The LGPD has a territorial scope that extends outside of Brazil. This means that you may have to comply even if you or your business are not based in Brazil. Therefore, you fall under the LGPD scope if you process data from individuals located within the Brazilian territory, regardless of their nationality (even if they were in Brazil only at the time of data collection, and have since moved).
Terms and Conditions
In certain circumstances it can be necessary to protect your online business from potential liabilities with a Terms and Conditions document. Though not always legally required, Terms and Conditions set the way in which your product, service or content may be used, in a legally binding way.

The Terms and Conditions typically contain copyright clauses, disclaimers, terms of sale, allow you to set governing law, list mandatory consumer protection clauses, and more.

The Terms and Conditions should at least include:

  • the identification of the business;
  • a description of the service that your site/app provides;
  • information on risk allocation, liability, and disclaimers;
  • warranty/guarantee information;
  • the existence of a withdrawal right;
  • safety information, including instructions for proper use (e.g., terms of delivery of product/service);
  • rights of use;
  • conditions of use/purchase (e.g., age requirements or location-based restrictions);
  • refund policy/exchange/termination of service and related information;
  • information related to methods of payment.
The cookie policy specifically describes the different types of cookies installed through the site, any third-parties to which these cookies refer – including a link to the respective documents and opt-out forms – and the purposes of the processing.
When is it mandatory to have Terms and Conditions?
Everyone from bloggers to e-commerce, SaaS, and enterprise businesses can benefit from setting Terms of Use. However, in some cases it can be mandatory, such as in the case of e-commerce, where payment data is processed.
Can I copy and use a Terms and Conditions document from another site?
Because they are essentially a legally binding agreement, it is not only important to have one in place, but also necessary to ensure that it meets legal requirements and it matches your specific business processes, model, and remains up-to-date with the various laws referenced in its contents. Copy-pasting Terms and Conditions from other sites is very risky and could result in the document being void or unenforceable.
How we can help you using iubenda’s solutions
Thanks to our partnership with iubenda, we can help you configure everything you need to make your site/app compliant. iubenda is in fact the simplest, most complete and professional solution to comply with regulations.
Privacy and Cookie Policy Generator
With iubenda’s Privacy and Cookie Policy Generator we can prepare a fully customized, self-updating policy for your site/app. iubenda’s policies are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers.
Cookie Solution
The iubenda Cookie Solution is a comprehensive solution to meet EU Cookie Law, CCPA and any other third-party requirements by facilitating the display of a GDPR-compliant cookie banner or a CCPA notice of collection at each user’s first visit, the preventive blocking of the profiling cookies and the collection of users’ consent to the installation of cookies. It also supports opt-out from sale for Californian users via a “Do Not Sell My Personal Information” link.
Consent Solution
iubenda’s Consent Solution allows the collection and storage of an unambiguous proof of consent whenever a user fills out a form – such as a contact form or newsletter subscription – on your website or app, as required by the GDPR and the Brazilian LGPD.
The solution can also be used to document opt-out requests from Californian consumers, as imposed by the CCPA.
With iubenda’s Terms and Conditions Generator we can prepare a fully customized, self-updating T&C document for your site/app. iubenda’s Terms and Conditions are generated starting from a database of clauses drafted and continuously reviewed by an international team of lawyers.


Meet some of our happy clients and find out the reason why we are an ideal solution for your business.

I would like to thank @HellenicTechnologies for its excellent work and attention to detail for the development of our brand-new website, but more importantly, I would like personally to thank @Eleni Panagoutsou for her professionalism and the valuable consulting she provided throughout the whole development process as an account manager. Due to this outstanding professionalism and your reputation in the market, I decided to invest also in digital marketing and SEO for my Law firm. Keep it going!

Our company, FORUM SA, organizes some of the leading trade shows in S.E. Europe; it goes without saying that an impeccable online presence is imperative for us. It was very difficult to find a reliable partner who could deeply understand the peculiarities of our business field and take on the renewal and technical support of our websites. We are utterly satisfied with Hellenic Technologies, not only because they ’re highly knowledgeable and always respond immediately to new requests or technical problems that need to be urgently dealt with, but most importantly because they devote time and effort in providing us with ideas and solutions that can help us move forward. It is worth mentioning that within less than 6 months, we renewed two of our main websites while we are currently preparing two new ones. Thank you Hellenic Technologies

Hellenic Technologies offers an impeccable combination of strategy and execution. They support our business needs in digital marketing since 2014 with outstanding results. Our online initiatives include Adwords, Facebook, SEO, email marketing and many more. They have devoted time in learning our business and our needs in order to make the necessary suggestions for the campaigns that they perform.They are always well informed about innovative and pioneering services which are available, without their support we would not have been so successful in our moves. Also, they are always available to answer our questions whenever it is necessary, and in fact, they are an integral part of our company’s Marketing Team. We have been working with HTA for our IT needs the department for over 8 years. I would definitely recommend the HTA services without any doubt.

On behalf of the entire team here in Teleperformance Greece we would like to express how delighted we are with our cooperation with Hellenic Technologies. We have trusted you with our brand new website concept which not only you delivered quickly and with great professionalism, but you are committed and always eager to help us in anything we need and suggest even more great ideas and solutions.A great team! Thank you

I can't thank Hellenic Technologies enough for their outstanding service in integrating and managing our store on eBay. Their expertise and dedication transformed our online presence and boosted our sales significantly. They made the entire process seamless, and their ongoing support has been invaluable. I highly recommend Hellenic Technologies to anyone looking to maximize their eBay store's potential.

On behalf of Avance Greece I would like to thank the whole team in Hellenic Technologies for their hard work, ideas and passion they put into the development of our new website and the mobile Apps. In a very strict timeline they delivered a product above our expectations. They were always at our disposal, overcoming any issue that came up, providing us with ideas and solutions that fit our corporate mentality and strategy. Our partnership extended also to the online promotion & advertising of the new website in which we observed high visitation and increase in sales. It is my belief that this has only been the start of a long term partnership and I would recommend everyone to choose their services.