Hi @Naama
I’m not sure there will be a definitive guide on what to do and how to do it. Every business will be different in the data they collect, how they store it, where they store it, how secure it is, how they gained consent etc…It’s a wider issue than just changes to a site, as it is about businesses storing and using personal data in the wider sense, with a website/service a part of the bigger picture.
What i’ve seen mostly (apart from the 267 emails!) is changes to privacy policies on actual sites, and the regulations are requiring much clearer explanation of what happens to people’s data - not hiding it away in complex endless paragraphs. Behind the scenes, businesses are needing to have a much better hold on the data, proof of consent to store and process it, and policies ready to deal with breaches, deletion requests etc.
As a designer with clients, I have taken the approach of ensuring they know about and investigate GDPR compliance themselves, making it clear it is their responsibility to comply! There are of course questions about how their website uses data - so i’ve given them some help explaining how Webflow forms work, Foxycart policies, and Google analytics etc.
Hope that’s useful…and of course seek official legal advice to be sure on anything.
Some links from the UK and Ireland:
PDF: Page not found | ICO
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
In case you missed it, the new Webflow policies are here:
@callmevlad gave an update about hosted sites here:
And also there was a further product update regarding form privacy here: