Cookie Law Compliance featured image

Part 1: What WordPress Agencies Should Know About GDPR & Cookie Law Compliance

This post is a part of a training series that I have created in collaboration with iubenda – one of the proud sponsors of the 2020 WP Agency Summit.

You can read the other articles in this series here:

Part 2: Three ways GDPR impacts your customer’s sites
Part 3: There is more than just GDPR
Part 4: Common questions around GDPR
Part 5: How to sell a GDPR-related service

GDPR can be a pain to deal with, can’t it? All sorts of popups annoy the heck out of us when we’re browsing websites…

And even worse, when building websites for our clients, we have to be extra careful to either make them GDPR compliant or set up contracts so that we cannot be held accountable for violations.

Maybe you find these regulations as frustrating as I am – but they also present a brilliant opportunity.

We as agency owners can take advantage of these laws because we are the experts that can sell services to make our clients’ websites compliant.

Over the next few days, I am sending you a free email training on how you can turn GDPR and other regulations into a marketing asset for your agency.

Let’s take a step back and look at the situation with a neutral and business-oriented mindset.

GDPR stands for General Data Processing Regulation and handles how websites can handle “Personal Data”. In this context, personal data refers to any data that relates to an identifiable or identified living person. In plain English, we’re talking about forms, tracking pixels, Google Analytics, and similar data collectors.

Even if you store pseudonymized data encrypted, you might be not compliant if the encryption process is reversible. You are required by law to store the decryption keys separately from the data.

You can see, it’s a really slippery slope. That’s why I’ve started working on this GDPR-related email series for WP agencies. 

Since you are a trusted expert for your customers, they will likely turn to you in order to get their website compliant. If you’re building a website from scratch or doing a redesign, you’re in a beneficial position to just sell the GDPR compliance as a necessary feature in the project.

In most cases, the sale is pretty easy to make because most of your clients will want to comply with the law. If they are hesitant, you can share some data related to the number of actively pursued compliance violations and the costs that come with not being compliant.

These two resources give you a good perspective and some strong arguments to sell GDPR-related services:

I know that the articles around GDPR can be very dry and boring – but it’s worth reading them and rewording the most important sections yourself so that you can explain the situation to your customers.

After you have the understanding, you just need to have a reliable software solution to implement GDPR compliance like Privacy Policy, Cookie Solutions, Consent Solutions, and all the other stuff (checkboxes below forms, etc.).

That’s where services like iubenda come into play. I personally use them on and can say that their onboarding is very efficient.

And it’s a service you can easily resell to your customers (more on that later).

I am by no means an expert in law but their platform makes it easy to set up all the necessary policies and cookie solutions within 15-20 minutes per website. Probably even faster if you’ve done it multiple times.

What’s cool is that they have a Partner Program where you can get certified as iubenda Partner and resell their software under your own brand. They work with agencies and web professionals to help their partners resell iubenda and earn residual income in doing so.

You can use their Partner Program to:

  • ramp up your understanding of legal requirements so that you can easily explain them to your clients,
  • become an expert in using iubenda’s solutions for your customers,
  • gain access to advanced support, exclusive content, and additional resources.

They will even list your agency on their Partner’s Directory to improve your visibility.

If you’re offering maintenance services, I think this is a no-brainer.

Tomorrow, I’ll give you three examples of how you can demonstrate the need for GDPR compliance to your customers. 

The email will be titled “Three Ways GDPR Impacts Your Customer’s Sites” and gives you three arguments for sales conversations with your customers.

All the best,


Share this post

Visit the virtual booths of our sponsors

Click on any logo to go directly to the booth and learn more about each sponsor.

Check Out The Merchandise

Build a WordPress agency that is profitable, scalable, and sustainable.

You’re in the right place. We have over 36 industry experts who run agencies just like yours, and they are going to share their proven strategies for success with you.

GET your free ticket to
wp agency summit

let 30+ World-Class Experts teach you how to scale your WP agency.

Learn How to Attract high-paying clients and building recurring revenue To Break Through Feast & Famine.


Let's have a chat

Learn how we helped 100 top brands gain success.