<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>GDPR — Articles | WebPro Company OÜ</title>
    <link>https://webpro.company/blog/tag/gdpr/</link>
    <atom:link href="https://webpro.company/blog/tag/gdpr/rss.xml" rel="self" type="application/rss+xml" />
    <description>GDPR from a practical angle — why data protection obligations extend to ordinary contact forms and what developers need to address.</description>
    <language>en-US</language>
    <lastBuildDate>Mon, 08 Jun 2026 06:00:00 GMT</lastBuildDate>
    <item>
      <title>Contact form without reCAPTCHA — catching bots without Google</title>
      <link>https://webpro.company/blog/contact-form-without-recaptcha</link>
      <guid isPermaLink="true">https://webpro.company/blog/contact-form-without-recaptcha</guid>
      <pubDate>Mon, 08 Jun 2026 06:00:00 GMT</pubDate>
      <category>Development</category>
      <category>GDPR</category>
      <description>Most spam on contact forms does not come from humans — it comes from bots. Bots behave differently from humans, and that difference is enough to build protection on without Google&apos;s help. Why replace reCAPTCHA reCAPTCHA v3 works — that cannot be denied. Google&apos;s model is trained on billions of signals and the score-based approach is intelligent. But it comes at a price that is not paid in money. Privacy. reCAPTCHA loads a script from Google that tracks the user throughout the browser session. Google learns which site the user visited and when. This is not hypothetical — it is their business model. GDPR. Because of the third-party tracking, using reCAPTCHA formally requires user consent. In practice many sites ignore this requirement, but that does not make it compliant. Load time. The…</description>
    </item>
    <item>
      <title>GDPR on websites: why it also affects ordinary contact forms</title>
      <link>https://webpro.company/blog/gdpr-on-websites-practical-responsibility</link>
      <guid isPermaLink="true">https://webpro.company/blog/gdpr-on-websites-practical-responsibility</guid>
      <pubDate>Sat, 18 Apr 2026 06:00:00 GMT</pubDate>
      <category>GDPR</category>
      <description>If a website collects names, email addresses, phone numbers, IP addresses, order details or account data, data protection is already part of the technical work. GDPR often sounds like a legal topic. On a website it becomes practical very quickly: what data is collected, why it is needed, where it goes, how long it is kept and who can access it. The Estonian Data Protection Inspectorate explains that personal data is data that can identify a person directly or indirectly: AKI definitions. On a website this can mean more than an ID number. It may include an email address, phone number, IP address, order history, account data or free text submitted through a form. Who should care GDPR affects almost every website where a person can enter information or where behaviour is tracked: contact…</description>
    </item>
    <item>
      <title>Why Drupal suits the public sector</title>
      <link>https://webpro.company/blog/drupal-for-public-sector</link>
      <guid isPermaLink="true">https://webpro.company/blog/drupal-for-public-sector</guid>
      <pubDate>Thu, 10 Jul 2025 06:00:00 GMT</pubDate>
      <category>Drupal</category>
      <category>WCAG</category>
      <category>GDPR</category>
      <description>Government and education websites have specific requirements: WCAG accessibility, data protection, long-term support and open source. Drupal meets all of them. Public sector websites are not simply marketing pages. They must be accessible to all users regardless of disability, operate for years without platform replacement, comply with data protection requirements, and be developable through competitive procurement — which means open source. Why Drupal, not other CMS platforms Open source with no licence costs. Drupal is distributed under the GNU GPL licence — government and public sector institutions pay no licence fees. The platform code is auditable, which matters in security assessment contexts. WCAG accessibility. Drupal supports WCAG 2.1 AA in Core and in most widely used themes.…</description>
    </item>
    <item>
      <title>Estonian businesses and GDPR — what the real requirements are</title>
      <link>https://webpro.company/blog/gdpr-requirements-estonian-websites</link>
      <guid isPermaLink="true">https://webpro.company/blog/gdpr-requirements-estonian-websites</guid>
      <pubDate>Thu, 14 Dec 2023 06:00:00 GMT</pubDate>
      <category>GDPR</category>
      <description>GDPR is not only a concern for large companies. Every Estonian business whose website collects data from EU citizens must follow the same rules. Who GDPR applies to GDPR applies to all organisations — large and small — that: Offer goods or services to EU citizens, OR Monitor the behaviour of EU citizens (including Google Analytics) This means: if your website is visible in Europe and collects any data (including cookies, Google Analytics, a contact form), GDPR applies to you. Which data is problematic Cookies and tracking tools: Google Analytics collects IP addresses, device data and behaviour data. This is personal data processing — it requires consent. Contact forms: Name, email address, phone number, message — all are personal data. You must explain what is done with them and how…</description>
    </item>
  </channel>
</rss>
