Compliance
Practical guidance on meeting data protection requirements across jurisdictions, from implementation steps to ongoing compliance management. Learn how to audit your website for compliance gaps, set up proper consent mechanisms, maintain documentation, and prepare for regulatory inspections and enforcement actions.
South Korea's PIPA: How the Personal Information Protection Act Affects Your Website
South Korea's PIPA is one of the strictest privacy laws in Asia, requiring explicit opt-in consent before deploying cookies or collecting personal data. The PIPC has imposed billions of won in fines against companies like Meta, AliExpress, and KakaoPay for violations including unauthorised cross-border data transfers.
Shopify Cookie Compliance Beyond the Basics: Checkout Pixels, Audiences, and Consent
Shopify handles some cookie consent automatically, but checkout pixels, Shopify Audiences, and custom tracking scripts introduce compliance gaps most merchants overlook. This guide covers the Customer Privacy API, pixel sandboxing, and how to ensure your store meets GDPR and CCPA requirements.
Self-Hosted vs Cloud CMP: Performance, Control, and Compliance Trade-Offs
Choosing between a self-hosted and cloud-hosted consent management platform affects your site speed, data residency obligations, and ongoing maintenance burden. This guide breaks down the trade-offs so you can pick the hosting model that fits your compliance needs and technical resources.
Rhode Island Data Transparency and Privacy Protection Act: What You Need to Know
Rhode Island's comprehensive privacy law, the RIDTPPA, took effect on 1 January 2026 with no cure period and fines of up to $10,000 per violation. This guide covers applicability thresholds, consumer rights, sensitive data rules, and what website owners should do to prepare.
How Programmatic Advertising Uses Cookies: A Publisher's Compliance Guide
Programmatic advertising relies on dozens of third-party cookies that land on your visitors' devices during every ad auction. As the publisher, you bear primary responsibility for obtaining valid consent before those cookies are set. This guide covers what cookies appear, why they exist, and how to stay compliant.
Building a Privacy Programme on a Budget: Tools and Processes for SMBs
Small businesses face the same privacy regulations as large enterprises but rarely have the same budgets. A structured, prioritised approach to privacy compliance lets you address the highest risks first and build from there, without hiring a dedicated legal team.
Pinterest Tag and Cookie Consent: What You Need to Know
The Pinterest tag drops several first-party cookies on your visitors' devices, all of which require prior consent under GDPR and the ePrivacy Directive. This guide breaks down each cookie, explains the consent rules, and covers how the Pinterest Conversions API can reduce your reliance on client-side tracking.
The Philippines Data Privacy Act: A Compliance Guide for Website Owners
The Philippines Data Privacy Act (RA 10173) applies to any organisation processing personal data of Filipino residents, including website operators outside the country. This guide covers NPC registration, valid consent, breach notification, and practical steps for cookie compliance.
Product Recommendation Engines and GDPR: Do Personalisation Cookies Need Consent?
Personalisation cookies power product recommendations, tailored content, and dynamic pricing on e-commerce sites. Under GDPR and the ePrivacy Directive, these cookies are not strictly necessary and require prior consent - regardless of legitimate interest arguments.