This site uses cookies to enhance your visitor experience. By continuing your visit to this site, you accept the use of cookies to offer services and offers tailored to your interests.

Are you compliant with the rules imposed by the GDPR?

The 25 May deadline is approaching.

The GDPR (General Data Protection Regulation) is a new European regulation which introduces a number of measures to define the legal framework for the protection of personal data within the European Union. Its purpose is to strengthen EU citizens’ rights and give them more control over their personal data.

Who is affected?

This regulation applies to all businesses that collect and process their customers’ data. Multinational companies, but also SMEs and artisans who have a customer database.

What is the principle?

The main point is the principle of consent for the collection and storage of data, a concept which is a specific feature of European law. Citizens are the owners of their personal data, so companies, particularly the American giants (Facebook, Google, Apple, Amazon, Microsoft and their partners), can no longer use the presumption of consent argument to justify using data belonging to their customers and users.

What does the GDPR actually stipulate?

From now on businesses will have to provide precise details of their practices with regard to collecting and storing personal data. Users will have access to more details on the processing of their data. For the sake of transparency, the information should also be set out clearly and accurately.

The obligations of businesses

Although the GDPR simplifies the administrative formalities overall, it still imposes a number of restrictions on businesses:

  • Data protection by design compliance
  • Security by default obligation
  • Documentation obligation
  • Impact study before implementing certain forms of processing
  • Obligation to appoint a "Data Protection Officer", who is responsible for the resources deployed by the business.

What to do if an incident occurs that affects customer data

Any incident that may have compromised the integrity of customer data held by the business must be officially declared to the CNIL within 72 hours. This is the responsibility of the Data Protection Officer designated by the business.

What are the penalties in case of an infringement?

The legislator has put in place a wide range of administrative penalties for non-compliance with the regulation, ranging from a simple warning to fines as high as 20 million euros or 4% of the global turnover of the business in case of infringements of the rules on consent or infringements relating to transfers of personal data outside the European Union.

Source :

The solutions proposed by ArtWhere


Analysis of your site in order to make a tailored offer

Cookie management

Acceptance of General Terms and Conditions of Use and use of cookies

Https certificate

Carrying out HTTPS certification

Double authentication

Setting up a two-step verification process


GDPR Conditions and Cookies policy

Centralised database

Setting up a centralised database


Request an offer

Cookies consent banner

Our cookies consent banner appears until the user clicks on ‘I understand’ or ‘Modify’ which shows the cookies management menu.

Cookies management menu

Our cookies management menu enables the user to choose the cookies he accepts to use. In some cases, the user may be re-directed to the supplier’s website to disactivate the cookies, as for ‘AddThis’ for example.


Ready for an ArtWhere mission? Let’s meet then!


contact agence web cms


Rue de l'Eglise 23 Bte 101
1450 Blanmont

Tél: +32 2 318 01 60
+32 475 29 31 46

Opening hours:

Monday through Thursday from 8:00 am to 6:00 pm
Fridays from 8:00 am to 5:00 pm

Contact form

Estimate form

Job form

Registration to the formations