The General Data Protection Regulation (GDPR) governs how organizations collect, use, and store personal data from individuals in the European Economic Area (EEA), United Kingdom, and Switzerland.

Key GDPR Compliance Steps for Squarespace Users

1. Review Personal Data Collection:

• Audit your website and scheduler for data collection points
• Check third-party service integrations
• Evaluate data storage and transfer practices
• Eliminate unnecessary data collection

2. Create or Update Privacy Policy:

• Detail what information you collect
• Explain data usage purposes
• List data sharing practices
• Specify data retention periods
• Describe international data transfers

Who Must Comply?

• Organizations located in the EU, UK, or Switzerland
• Businesses offering goods/services to EU, UK, or Swiss residents
• Companies monitoring EU, UK, or Swiss individuals' behavior

Personal Data Definition Personal data includes any information that can identify an individual:

• Traditional data (names, addresses, birth dates)
• Digital identifiers (email addresses, IP addresses)
• Location data
• Biometric data
• Financial information

Cookie Compliance Requirements

1. Essential Requirements:

• Provide clear information about cookie usage
• Obtain explicit consent for non-essential cookies
• Allow visitors to manage cookie preferences
• Display prominent cookie banner

2. Squarespace Cookie Tools:

• Disable activity logs
• Turn off Analytics cookies
• Implement customizable cookie banner
• Add privacy policy and terms

Third-Party Services Integration

Review all connected services:

• Connected accounts
• Code blocks
• Payment processors
• Analytics tools
• Social media integrations
• Form storage solutions

Data Transfer Compliance

Squarespace ensures compliance through:

• Standard Contractual Clauses
• Data Privacy Framework certification
• Technical and organizational safeguards
• Regular security updates

Important Acuity Scheduling Features

• Display terms in scheduling instructions
• Include consent requests in forms
• Manage customer data deletion
• Enable data export for portability

For detailed guidance, consult your local data protection authority or legal professional.

Related Articles

Previous Articles