The listings featured on this site are from companies from which this site receives compensation. This influences: Appearance, order, and manner in which these listings are presented.
Our videos have over 5 million views on Youtube! Visit our channel now »
Disclosure:
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers. These take into consideration the reviewers’ independent and professional examination of the products/services.

Ownership

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

Affiliate Commissions Advertising

vpnMentor contains reviews that follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will take into consideration the independent, honest and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, at no additional cost to them. On listicle pages, we rank vendors based on a system that prioritizes the reviewer’s examination of each service, but also considers feedback received from our readers and our commercial agreements with providers.

Reviews Guidelines

The reviews published on vpnMentor are written by community reviewers that examine the products according to our strict reviewing standards. Such standards ensure that each review prioritizes the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may also take into consideration the affiliate commissions we earn for purchases through links on our website.

Report: Only 34% of Websites in the EU are Ready for GDPR

Kristina Perunicic Updated on 30th June 2023 Managing Editor

It’s been nearly 2 years since the Council of the European Union, European Parliament and the European Union passed the privacy legislation known as the General Data Protection Regulation (GDPR).

Beginning on May 25th, 2018 any company that hasn’t updated their privacy policy during the two-year grace period will be in violation of the law and could face fines as much 4% of the company’s global revenue or €20 million, whichever is higher.

The updated privacy policy should be straightforward, informing users about the usage of their collected data. It needs to be succinct, clearly articulated, and disclose if the user data will be disseminated to a third party or utilized for promotional activities. The policy should also elaborate on the deployment of cookies and their function, as well as unambiguously define the rights of the person accessing the site.

vpnMentor ran a test of over 2,500 websites in the EU that will need to follow the new GDPR regulations and found that as little as 34% of websites are currently compliant. Most of the websites we checked either had old privacy policies, and in some cases no privacy policy at all, and are in no way ready for the stricter privacy guidelines that take effect next month. Those that fail to meet these new standards, will be subject to the fines mentioned above.

infographic on GDPR compliance

Our Methodology

We targeted websites that use the popular MailChimp service.

MailChimp is an E-mail marketing platform that collects users Email addresses in order to send out newsletters, company updates, and general marketing materials.

Any website that uses MailChimp or a similar service to collect emails will have to store this data and therefore need a privacy policy that fits in with the GDPR regulations.

We collected up to 100 websites in each country that use MailChimp. In some cases, we couldn’t find 100 and used what we could, and the results were pretty surprising.

While some countries like Germany seem to be more prepared for the May 25th deadline with a compliance of 67%, others such as Portugal are ill-prepared  only 17% of the websites we checked had a complete GDPR approved privacy policy.

Does the Data Correlate with Sites that are Compliant with the EU Cookie Law?

During the course of our research, we also investigated whether these sites were in compliance with the EU internet cookie regulations that were recently passed into law. The cookie pop-up notifications, or “cookie-pops,” require a pop-up window to appear on any site using cookies to collect information on the websites' users.

Once again, we were surprised as there seemed to be no correlation between the sites that use the cookie-pops and the sites that are GDPR compliant. Germany a country that topped our list on GDPR compliance  was at the bottom of the cookie-pops test with just 16% of website employing this privacy feature.

Our hypothesis was that there would be some kind of correlation in the data between these two studies. Had web owners just used a third party code and inserted it into their website, we’d understand that both GDPR and cookie-pops would be similar.

However, since there is little correlation between sites that have the cookie-pops and privacy policy, this shows that business owners are not just copying and pasting a code or text into the site to comply with the regulation, rather they actually carefully look into it and make the necessary updates (this is good news).

For some sites, there may be a good reason for not having the cookie-pops enabled on their site, such as they don’t collect cookies. Interestingly in Slovenia, which had the highest percentage of cookie-pops enabled 64%, only 40% of the sites were GDPR compliant, meaning that at least 60% of the Slovenian sites will be in violation of the new regulation.

If your website isn’t GDPR compliant yet, you can go here and copy/paste the GDPR policy into your website to avoid any legal issue you may otherwise encounter.

About the Author

Kristina Perunicic is a former editor for vpnMentor. She’s a cybersecurity expert with an interest in VPNs and their importance in the digital privacy landscape.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback