Wix provides one of the world’s most popular website building platforms. Their users — and visitors to Wix websites — are all over the world. That means that Wix users need to comply with global data privacy laws, as their sites collect personal data from visitors via cookies and other tracking technologies.
We look at the European Union’s General Data Protection Regulation (GDPR) and ePrivacy Directive (ePD) and their impact on websites and the collection of personal data. We’ll also look at consent management platforms and why they’re crucial tools for privacy compliance, and walk you through how to achieve and maintain GDPR and ePrivacy compliance with Cookiebot™.
Why GDPR and ePrivacy Directive compliance is crucial for websites
Data privacy regulations and related laws protect and regulate access to individuals’ personal data and provide people with various rights. Privacy laws go back decades, but a lot has changed in recent years, and new laws are being passed.
Major drivers of change for companies and individuals include the advent of huge digital platforms owned by a few dominant tech companies, ever-advancing technologies, and increasing global reliance on the internet to live, work, and socialize.
The average person leaves a rich trail of personal data just about everywhere they go online, including on the websites they visit. Companies use that data for effective marketing and performance analytics.
Why the GDPR is important for Wix users
Since the GDPR came into effect in 2018, it has protected the privacy and personal data of residents of the European Union and European Economic area. It gives them control over their personal data, and a number of rights regarding access to that data and how it’s used.
The GDPR is extraterritorial, which means that it doesn’t matter where the company or website owner is located; it only matters if that entity processes the personal data of EU residents. So if your Wix website has visitors or customers who live in the EU, you need your site to comply with GDPR requirements.
Why the GDPR is so important globally
Many other countries around the world have used the GDPR as a model when drafting their own data privacy legislation, so achieving compliance with the GDPR makes it easier to become compliant with other laws as well if needed. GDPR requirements are also tied into some other laws, like the Digital Markets Act (DMA), so data privacy requirements come from multiple sources these days.
The GDPR levies some of the strictest requirements among global data privacy regulations. These include having a valid legal basis to collect personal data, and requiring entities to obtain prior consent from visitors and customers to use cookies and other tracking technologies on websites to collect personal data. Most websites today use various kinds of cookies for a number of purposes, and quite a few of those involve collecting personal data.
The GDPR also requires entities (mostly commercial enterprises) to provide specific notifications and information to the people (data subjects) from whom they collect personal data, e.g. from website visits. This can be done in a few ways, but the most common ones are via a privacy policy page and cookie notice or policy on the website, and with a consent banner displayed by a consent management platform (CMP).
GDPR noncompliance can come with substantial financial and reputational penalties. This is why it’s important for Wix users to achieve GDPR compliance.
The consequences of GDPR noncompliance
Fines for GDPR violations have made some pretty splashy headlines, with the biggest GDPR fines topping hundreds of millions or even a billion Euros. The GDPR outlines fines for violations to be from 2 percent of annual global turnover or EUR 10 million, whichever is higher; or 4 percent or EUR 20 million, whichever is higher, for repeat or more egregious violations (e.g. willful violations).
Many smaller companies and website owners don’t feel that GDPR compliance really applies to them because news coverage can make it seem like it only matters for big tech companies. The penalties against large tech companies are of that magnitude because of the size of their business operations and audiences and volume of data they process. But it’s important for smaller organizations to consider noncompliance risks contextually.
GDPR fines hurt small businesses more
While they may not make headlines, plenty of smaller organizations have been cited and fined for violating the GDPR, and for a small business, any fine can present a significant financial difficulty. That’s only the beginning, though.
Authorities can also make companies halt operations related to the violation or delete data, which could cause significant issues with a company’s ability to do business.
A violation is also a significant hit to the trust customers place in a company and can damage brand reputation, which can have both short- and long-term financial consequences. This is particularly dangerous in an era when more and more regulations include data portability provisions, making it easier for customers to take their information and leave for a competitor.
For a small business or agency with a Wix site, the risk of GDPR noncompliance can be too great, especially since achieving and maintaining privacy compliance is simple and cost effective.
Why the ePrivacy Directive is important for Wix website owners
The ePrivacy Directive (ePD) is older than the GDPR, enacted in 2002. It was updated in 2009 and again in November 2023, when the European Data Protection Board (EDPB) issued new guidelines widening the scope of technologies that the ePD covers.
The ePD is designed to complement other regulations like the GDPR, with the end goal being for the ePD to become a fully enacted legal framework as the ePrivacy Regulation.
Who the cookie law applies to and its requirements
Sometimes referred to as the EU’s “cookie law,” the ePD addresses privacy concerns with electronic communications. It requires communication confidentiality over public networks, obtaining user consent for the use of cookies, regulates direct marketing practices, and sets guidelines for electronic communication services’ security.
The ePD extends privacy protection beyond traditional telecom operators, covering a wider range of electronic communications in our ever more digital world. It applies to any business that processes data via EU residents’ (natural or legal persons) use of online communications services, mandating confidentiality, and applying to online tracking technologies, digital direct marketing, etc.
The ePD applies to website and app owners, digital marketers, telecom companies, messaging service providers (e.g. Meta or Apple), or internet access providers, i.e. where open and public WiFi access is available. Machine-to-machine communications (i.e. the Internet of Things) will also be included thanks to the recent update.
With this scope in mind, it’s easy to see why complying with ePD guidelines is important to Wix website owners doing digital marketing and analytics, and customer communications.
The consequences of ePrivacy Directive noncompliance
As the ePD is designed to work in conjunction with the GDPR, noncompliance once again means potential penalties and fines. Once the ePrivacy Regulation comes into effect it will immediately apply to all electronic communications processors.
It’s safer, more financially sound, and better for customer relations and brand reputation for businesses to achieve compliance in advance and not have to scramble or worry when new laws come into force and enforcement begins.
Webinar: Streamline your website and mobile apps compliance with experts from Usercentrics (Cookiebot™ parent company)
Wix and GDPR compliance for websites
Websites built on the Wix platform need to be GDPR-compliant if they process personal data from visitors, which most websites do. As every site is a bit different, each user is responsible for ensuring they manage consent compliantly for their sites.
Fortunately, the Cookiebot™ for Wix by Usercentrics app makes Wix GDPR compliance easy. Install it from the Wix marketplace in a few simple steps and customize it to your site’s appearance and compliance needs. Then the automated scanning helps ensure your compliance remains up to date. Cookiebot™ for Wix by Usercentrics even helps with your privacy and cookie policies.
Wix and ePrivacy Directive compliance for websites
Wix GDPR compliance requirements apply to the ePrivacy Directive as well. In addition to the use of cookies and other trackers for collecting personal data, you’ll need to obtain user consent for electronic communications and personal data collected by those cookies or to run them. Basically, if you want to do any marketing or customer communications.
How a consent management platform (CMP) helps achieve GDPR compliance
A consent management platform (CMP) handles complexities of consent management and GDPR privacy compliance on your Wix website for you.
How a CMP collects visitor consent for privacy compliance
Implemented on your site in a few steps and customized to match your branding, Cookiebot™ for Wix by Usercentrics displays a consent banner to visitors on their first visit or when new consent information is required (e.g. consent data has expired or visitors cleared their browser settings).
The consent banner presents information about why consent is being requested. Visitors can also drill down into the cookies and other tracking technologies in use on the site to learn about them, and, if desired, provide consent for specific selections. Or visitors can choose to accept or reject all use of cookies.
Other CMP consent management functions for privacy compliance
A CMP also securely stores and documents consent information so it’s available in the future for visitors to update or withdraw their consent preferences. It can also be provided to data protection authorities in the event of an audit, or to a visitor who submits a data subject access request. All of these functions are required by the GDPR.
A high performance CMP has features that help you even more. For example, Cookiebot™ for Wix by Usercentrics runs automated scans of your site to ensure all cookies and trackers in use are detected and controlled until consent is obtained.
The CMP then supplies this information to the consent banner and for your privacy and cookie policies. Those policies stay up to date with specific details about cookies in use, and enable informed visitor consent, as required by the GDPR.
Wix and Cookiebot™ partnership for privacy-compliant websites
Wix is probably best known as a powerful no-code website builder that enables anyone to create a beautiful, full-featured website. It’s one of the world’s most popular platforms, and it also enables eCommerce, marketing operations, scheduling, and more — built right in. Learn all about Wix.
Since Wix customers are located all over the world, it’s important to the company to ensure all customers have everything they need to do business and promote themselves online. This includes enabling privacy compliance with regulations today, and in the future. That’s where the Cookiebot™ partnership comes in.
Read the full press release about the partnership: Usercentrics partners with Wix to launch first consent solution on the Wix App Market
Learn more with Wix: How to make a website
Cookiebot™ for Wix by Usercentrics for privacy compliance
The Cookiebot™ for Wix by Usercentrics plug-and-play solution enables GDPR/ePD cookie compliance, with features that automate compliance maintenance as well. Cookiebot™ is the only third-party GDPR compliance app available in the Wix Marketplace and enables Wix users to quickly and easily achieve privacy compliance on their Wix websites.
Cookiebot™ for Wix by Usercentrics was designed from the ground up for Wix users, to seamlessly bring the powerful features and privacy compliance peace of mind of Cookiebot™ CMP to Wix. It’s user-friendly, reliable, scalable, and ready to go in just a few simple steps.
Wix users can stay focused on their core business and their own customers, and Cookiebot™ for Wix by Usercentrics can handle consent management and website privacy compliance.
Learn more with Wix: How to create a GDPR-compliant website
Benefits of Cookiebot™ for Wix by Usercentrics
The initial website scans detect all cookies and trackers in use on your Wix website and reports them, so you don’t need to set that up manually. Ongoing scans mean you have an accurate list as your web technologies change over time, so you know for what and where you need visitors’ consent.
This information about Wix components is provided to your Wix site visitors via the customized consent banner that Cookiebot™ for Wix by Usercentrics displays.
Being able to customize the banner’s design and text to make it familiar in appearance and user-friendly helps build trust and encourages higher engagement. Visitors can provide consent for all cookie use, only the ones they specify, or none of them (aside from “essential” cookies, which do not require consent). They can also change their preferences any time, putting them in control, and meeting GDPR requirements.
Cookiebot™ for Wix by Usercentrics and Google Consent Mode
Cookiebot™ is a Google-certified consent management platform (CMP), which means it works seamlessly with the Google services you rely on and can signal required consent information to enable privacy compliance.
Cookiebot™ for Wix by Usercentrics is also seamlessly integrated with Google Consent Mode v2. With Google’s new consent requirements, you can obtain valid user consent and signal it to continue to use Google services for measurement, ad personalization, and remarketing, thus protecting your digital marketing operations and revenue.
How to set up Cookiebot™ for Wix by Usercentrics on your Wix website
- To get started, go to the Wix Marketplace to add Cookiebot™ for Wix, and click the blue Add to Site button.
- Review the terms of use, then click the blue Accept & Add button.
- You’ll need to have an active Premium Cookiebot™ Plan, so click the blue Upgrade app to Premium button, then click the blue Select button for the Premium Plan.
- Click on the Plan type you prefer — Monthly or Yearly — then click the blue Continue to Checkout button.
- Add your account and payment details for your preferred payment method, then click the blue Continue to… button.
- The initial scan of your Wix website will start automatically to detect the components, trackers, and third-party apps you’re using.
- The scan is really fast, so within a few moments, you can click the blue View scan report button to see the results.
- The scan report will show you all the components, trackers, and apps that collect personal data, and their compliance status, e.g. if they’re blocked until user consent is obtained. They may not be yet, but you will set that up next!
- Now it’s time to set up your consent banner that will be displayed to your Wix website visitors. Under the Consent banner tab, customize the layout, theme, colors, and more for a banner that matches your site’s look and feel. You can also customize display languages and other features for the best user experience.
- Don’t forget the “behind the scenes” customization settings as well to control how the CMP manages activation of your Wix website’s components, trackers, and third-party apps to enable privacy compliance.
- Once you’re happy with your setup, click the green Save button.
Activate your consent banner by sliding the Enable Banner slider to the right and turning it blue. That’s it! Your banner can now enable visitors to your Wix website to make legally valid consent choices about access to their personal data, so you can achieve GDPR and ePD compliance on your site.
Check out our step by step video to get Cookiebot™ for Wix enabling privacy compliance on your Wix website in minutes.
Learn more with Wix: 6 steps to create a GDPR compliant website
GDPR-compliant Wix policies
The GDPR requires websites to provide information about their privacy practices, relevant regulations, user rights, and more through a privacy document. This is commonly done on a privacy policy page on the website. It’s also required that it be kept up to date as company information, web technologies, and regulatory requirements change. This can be tricky and time consuming, especially for small businesses, and is why automating as much of this work as possible is so valuable.
The cookie policy is often a section of the privacy policy, though it can be a separate document. This outlines information about the cookies and other tracking technologies in use on the website, what data they collect, for what purposes, how long data is retained, who may have access to it, and more. The GDPR requires this granular information as well to fulfill its requirement that user consent be informed.
GDPR-compliant Wix privacy policy
Your Wix website needs a privacy policy to be GDPR and ePD-compliant. You can draft your own or use a template or a generator tool. However, it’s strongly recommended that you consult with qualified legal counsel to ensure your Wix website’s privacy policy is tailored to you. Even using a template you’ll need to customize it to your site, business, and relevant regulations.
To have a GDPR-compliant privacy policy on your Wix site, you need to disclose:
- how your site collects personal information
- the purposes for which your site collects and processes personal information
- how long you retain collected data
- relevant privacy regulations with which you comply
- the legal basis for your data collection (of which consent is one type)
- what parties, e.g. vendors or partners, may have access to the data, and for what purpose
- how you protect the data in your possession
- what rights visitors have based on relevant privacy regulations and how to exercise those rights
- contact information for the business, possibly including a Data Protection Officer
Learn more with Wix: How to write an effective Privacy Policy for your website
GDPR-compliant Wix Cookie Policy
Your Wix site’s cookie policy can be a section of the privacy policy, or a separate page or document. Its scope is more limited than the privacy policy, as it only covers the use of cookies and other trackers. It needs to include information about the cookies in use on your site, what parties set them, what data they collect, for what purposes, when they expire, and other relevant information.
The Cookiebot™ for Wix by Usercentrics solution can automatically provide information about cookies in use to populate and update your cookie and/or privacy policy.
Maintaining Wix GDPR privacy compliance
Once you have achieved GDPR and ePD compliance for your Wix website, you need to make sure to maintain it. Regulations and technologies are always changing, and it’s especially hard for small businesses to dedicate the resources to keeping tools, systems, and the website up to date.
Cookiebot™ for Wix by Usercentrics helps with powerful automation functionality. The regular scans help to keep cookie and tracker information up to date. However, you should also regularly review that cookie list to make sure you control everything that’s running, and so you’re familiar with the data being collected on your site, especially via third-party vendors.
Make sure you still need the data you’re collecting and don’t retain it any longer than necessary for the specific purposes for which it was collected. These limitations are also GDPR requirements.
Check your CMP settings and consent banner design and text, and work to optimize it over time to ensure it’s informative and user-friendly to optimize visitors’ consent rates.
Achieve and maintain GDPR compliance with our handy checklist from Cookiebot™ parent company Usercentrics
Next steps to achieve GDPR and ePrivacy Directive compliance for your Wix website
Complying with the requirements of the GDPR and ePD are complex, and can seem overwhelming, but they don’t need to be. We do the heavy lifting for you, and Cookiebot™ for Wix by Usercentrics can help you notify visitors, obtain and store their consent, and signal it to tools you rely on for advertising, analytics, and more.
GDPR compliance isn’t just for giant tech companies that make headlines. It applies to every organization that collects and processes the personal data of EU residents and/or uses electronic communications with them, which probably includes your business.
Whether it’s to use cookies on your website, build your newsletter subscriber list, or other ways you grow your business and engage with your customers, data privacy should be built in, and Wix and Cookiebot™ are here to help. A beautiful, user-friendly website draws visitors and customers, and a robust consent management platform helps you build trust with website visitors and compliantly meet the requirements of ever-evolving privacy regulations. So you can stay focused on what you do best.
Head over to the Wix Marketplace now and download the Cookiebot™ for Wix by Usercentrics plug-and-play solution. In just a few simple steps, you can have it up and running.
Get Cookiebot™ for Wix by Usercentrics now in the Wix Marketplace
FAQ
Your Wix website is built to be able to add features that meet GDPR requirements for privacy compliance and user consent. Users can implement a consent management platform to achieve and maintain data privacy compliance with the GDPR and other regulations.
From the Wix Marketplace, install Cookiebot™ for Wix by Usercentrics on your Wix website in just a few simple steps. Follow our instructions above and you can easily enable cookie compliance by obtaining valid consent from your visitors, and gain peace of mind by keeping your privacy and cookie policies up to date.
Cookiebot™ for Wix by Usercentrics provides well-designed consent banner templates, which you can easily customize. The Wix GDPR templates can enable privacy compliance right out of the box.
If your Wix website is collecting personal data from visitors in the European Union, which it likely is via cookies and other tracking technologies, then yes, you need to become privacy compliant with a Wix GDPR pop up. This consent banner will enable you to obtain, store, and signal valid consent from visitors to meet GDPR and ePrivacy Directive requirements.
Wix users are responsible for complying with the GDPR or other privacy regulations like the CCPA. Your Wix GDPR policy will be the privacy and cookie policies on your website, which you need to set up, and which need to inform visitors of cookie use and data collection, provide information about their rights, and more.