Website Guides
80+ practical guides on GDPR, accessibility, security and EU e-commerce law — written for small businesses.
Editor's picks
GDPR Fines Netherlands: Real AP Cases | TrustYourWebsite
GDPR fines in the Netherlands: real cases and amounts from the Dutch DPA (AP), including Uber, Booking.com, TikTok and Kruidvat.
5 min read
Editor's pick499 Dutch Restaurant Websites Scanned: Findings
We scanned 499 Dutch restaurant websites for GDPR, cookies, accessibility and security. Real numbers from our automated scanner.
8 min read
Browse by topic
GDPR & Privacy
499 Dutch Restaurant Websites Scanned: Findings
UpdatedWe scanned 499 Dutch restaurant websites for GDPR, cookies, accessibility and security. Real numbers from our automated scanner.
8 min read · Updated Apr 2026
Contact Form GDPR Requirements: Article 13 Compliance
UpdatedWhat a GDPR-compliant contact form needs: Article 13 information, the right legal basis (legitimate interest vs precontractual), unchecked boxes, retention.
9 min read · Updated May 2026
Cookie Banner Dark Patterns: Why They Are Illegal
UpdatedEDPB taxonomy of cookie banner dark patterns: 12 design techniques that void GDPR consent, with Dutch AP enforcement examples.
8 min read · Updated May 2026
Cookie Banner Required in NL: What the AP Enforces in 2026
UpdatedA cookie banner is required in the Netherlands once your site sets non-functional cookies. What the AP enforces in 2026 and how to test compliance.
6 min read · Updated May 2026
Cookie Banner Requirements in the Netherlands (2026)
UpdatedCookie banner requirements in the Netherlands explained. The AP's 9 rules, valid GDPR consent and what gets businesses fined.
12 min read · Updated May 2026
Cookie Banner Requirements Under EU Law (2026 Guide)
UpdatedCookie banner requirements in the EU 2026: reject equal to accept, no dark patterns, prior consent. EDPB Guidelines 05/2020 explained.
9 min read · Updated May 2026
Data Processing Agreement for Websites: A Dutch SMB Guide
UpdatedWhich third-party services on your website need a data processing agreement (verwerkersovereenkomst) under GDPR Article 28? A practical guide for Dutch SMBs.
7 min read · Updated May 2026
Do I Need a Cookie Banner? A Simple Decision Guide
UpdatedNot every website needs a cookie banner. Use this decision guide to find out if yours does, and what to do if it doesn't need one.
9 min read · Updated Apr 2026
Dutch AP Cookie Warnings: What They Mean for Your Website
UpdatedAP cookie warnings explained: what the Dutch Autoriteit Persoonsgegevens checks on your cookie banner and how to fix it before a fine.
7 min read · Updated Apr 2026
Dutch Cookie Law: Telecommunicatiewet Art. 11.7a
UpdatedDutch cookie law sits in Telecommunications Act 11.7a, separate from GDPR. What it requires, the three exceptions, and how the AP enforces it.
7 min read · Updated Apr 2026
Dutch Data Breach Reporting: 72-Hour Decision Tree
UpdatedData breach reporting in the Netherlands: a 72-hour decision tree for SMBs. What to file with the AP and when the Article 33 GDPR clock starts.
10 min read · Updated May 2026
Dutch Privacy Policy: 10-Step GDPR Guide
UpdatedPrivacy policy requirements for Dutch websites: 10 steps under the GDPR, what each section must contain, common AP findings, scanner check.
7 min read · Updated May 2026
Dutch Privacy Policy: 14 GDPR Required Elements
UpdatedUnder GDPR Articles 13 and 14, Dutch sites collecting personal data need a privacy policy. 14 mandatory elements and what the AP checks.
8 min read · Updated May 2026
GDPR Compliance Checklist for Dutch Businesses (2026)
UpdatedGDPR compliance checklist for Dutch businesses: 35 points covering privacy policy, cookie consent, data processors, retention and breach reporting.
7 min read · Updated Apr 2026
GDPR Data Retention Periods: Cheatsheet for Dutch Businesses
UpdatedGDPR data retention periods for Dutch businesses: a practical cheatsheet covering customer data, financial records, HR data and website analytics.
7 min read · Updated Apr 2026
GDPR Fines Netherlands: Real AP Cases | TrustYourWebsite
UpdatedGDPR fines in the Netherlands: real cases and amounts from the Dutch DPA (AP), including Uber, Booking.com, TikTok and Kruidvat.
5 min read · Updated May 2026
GDPR for Dutch Restaurant Websites: Fix Checklist
UpdatedGDPR for Dutch restaurants: reservations, Google Maps, menu photos and delivery widgets. A practical checklist for restaurants and cafés.
9 min read · Updated Apr 2026
GDPR Records of Processing: Article 30 Template
UpdatedBuild the Article 30 GDPR record of processing activities. Who is exempt, what to include, controller vs processor versions and a ready-to-fill template.
8 min read · Updated May 2026
GDPR Website Audit Checklist for Dutch Businesses
UpdatedGDPR website audit checklist for Dutch businesses. AP and ACM enforcement priorities, what to check, how to document findings in two to three hours.
10 min read · Updated May 2026
Google Analytics and GDPR: Is GA4 Legal in the Netherlands?
UpdatedCan you use Google Analytics (GA4) on a Dutch website under GDPR? What the Dutch DPA, EDPB and national DPAs have ruled and what your alternatives are.
6 min read · Updated May 2026
Google Maps Embed and GDPR: Three Compliant Solutions
UpdatedGoogle Maps embeds send visitor IPs to Google without consent. Three GDPR-compliant alternatives: lazy load, static image, OpenStreetMap.
5 min read · Updated May 2026
Privacy Policy Generators: What Templates Miss
UpdatedPrivacy policy generator guide for Dutch SMBs: what generators get right, what they miss, and how to use a template correctly under the GDPR.
6 min read · Updated Apr 2026
Website Trust Check: Free GDPR & Security Scan in 60 Seconds
UpdatedCheck your website free for GDPR violations, cookie issues, security and accessibility. Results in 60 seconds, no account required.
9 min read · Updated May 2026
Who Is Liable When ChatGPT Builds Your Website?
UpdatedYour designer used Cursor or Lovable. If your AI-built site breaks GDPR or cookie law, who pays? The Dutch answer, with a 9 Dec 2026 catch.
13 min read · Updated May 2026
YouTube Embed and GDPR: The Cookie-Free Approach
UpdatedStandard YouTube embeds set tracking cookies before consent. Two compliant fixes: youtube-nocookie.com and a click-to-load facade.
4 min read · Updated May 2026
youtube-nocookie.com: What It Actually Does
UpdatedDoes youtube-nocookie.com really protect visitor privacy? What cookies it places, when it places them and what it doesn't fix, including the thumbnail request.
7 min read · Updated Apr 2026
GDPR Fines for Small Businesses: Real Cases and Amounts
UpdatedReal GDPR fines for small businesses run from about 1,000 to 50,000 EUR. See published regulator decisions, what triggers enforcement and how to avoid it.
9 min read · Updated May 2026
EU AI Act for Dutch Website Owners
UpdatedArticle 50 of the AI Act applies 2 Aug 2026. AP and RDI enforce in the Netherlands. What Dutch SMB sites actually need to label, and what they don't.
14 min read · Updated May 2026
Product Liability Directive 2024/2853: 9 Dec 2026 (NL)
UpdatedDirective (EU) 2024/2853 makes software and AI 'products' for strict liability on 9 Dec 2026. What it means for Dutch SMBs, and what it does not change.
13 min read · Updated May 2026
Accessibility
Accessibility Statement for Your Website: 2026 Template
UpdatedAn accessibility statement is required since the EAA came into force. What must be in it, a working template, and how to draft your own in 30 minutes.
7 min read · Updated May 2026
ACM Enforcement: Digital Accessibility Is Now Mandatory
UpdatedThe ACM can now enforce digital accessibility requirements in the Netherlands. Here is what they check and what non-compliance means for your business.
7 min read · Updated Apr 2026
Dutch Hotel Website Accessibility: EAA Rules
UpdatedHotel websites and booking flows must comply with the EAA in the Netherlands. Accessibility requirements for room selection, checkout and property pages.
6 min read · Updated Apr 2026
Dutch Restaurant Accessibility: EAA Booking Rules
UpdatedDoes your Dutch restaurant website comply with the European Accessibility Act? Reservations, menus and booking flows must meet WCAG 2.1 AA.
7 min read · Updated Apr 2026
EAA for Dutch SMBs: What ACM Now Enforces
UpdatedEuropean Accessibility Act (Richtlijn 2019/882) in force since 28 June 2025. What it requires, who is exempt and what ACM enforces in NL.
6 min read · Updated May 2026
EAA for Dutch Webshops: 61% Failed ACM Audit
UpdatedACM audited 60 Dutch webshops in 2025 and found 61% breach EAA accessibility rules. What was found and how to fix common issues.
5 min read · Updated May 2026
EAA Penalties: ACM Fines for Accessibility Violations in NL
UpdatedEAA penalties in the Netherlands: maximum ACM fines for accessibility violations, enforcement approach and practical next steps for businesses now.
5 min read · Updated May 2026
Website Accessibility Overlays vs. Real Compliance
UpdatedAccessibility overlays promise a one-click fix but don't deliver. Learn why they fail and what actually works.
8 min read · Updated Apr 2026
Hotel Website Accessibility: EAA Booking Rules
UpdatedHotel booking systems need to work for everyone. Here's how to make your hotel website accessible and meet EAA requirements.
8 min read · Updated Apr 2026
Security
GDPR Requires a Secure Website: 12-Point Security Checklist
UpdatedGDPR Article 32 requires appropriate technical security measures for websites that process personal data. A 12-point checklist for Dutch small businesses.
7 min read · Updated Apr 2026
SME Website Security: 10-Point Cyber-Defence Playbook
UpdatedPractical cyber-defence playbook for SME websites: which attacks target small businesses and how to stop them in 30 minutes.
8 min read · Updated May 2026
Website Hacked: What to Do in the Next 6 Hours
UpdatedYour website has been hacked. A step-by-step response plan for the first 6 hours: contain the damage, notify the right people and get back online safely.
5 min read · Updated Apr 2026
Website Not Secure: How to Fix the SSL Certificate Error
UpdatedWebsite Not Secure fix: what triggers the browser warning, how to install free SSL via Let's Encrypt and how to lock in HTTPS on a Dutch website.
6 min read · Updated May 2026
Website Security Checklist: 10 Things to Check Today
UpdatedA practical security checklist for small business websites. 10 things you can check and fix today without technical expertise.
8 min read · Updated Apr 2026
Vulnerable WordPress Plugins: How to Check and Fix Them
UpdatedVulnerable WordPress plugins are the top attack vector for small business sites and a GDPR Article 32 risk. How to check, patch and audit your plugins.
7 min read · Updated Apr 2026
What Does a Website Security Scan Check?
UpdatedWhat a website security scan actually checks: SSL, headers, vulnerable libraries, outdated CMS and more. Learn what the results mean and how to fix issues.
11 min read · Updated Apr 2026
SSL Certificate: What It Is, Why You Need It
UpdatedAn SSL certificate encrypts data between your website and visitors. Here's what it does, why you need one and how to get one for free.
7 min read · Updated May 2026
Legal Pages
Dutch Website Legal Notice: BW 3:15d Colofon Rules
UpdatedLegal notice required Netherlands: under BW Boek 3:15d every Dutch business website needs 8 mandatory items. Here is the list and where to place them.
9 min read · Updated May 2026
EU ODR Platform Shut Down: What This Means for Your Webshop
UpdatedThe EU Online Dispute Resolution platform shut down on 20 July 2025 under Regulation (EU) 2024/3228. Update your webshop terms now.
4 min read · Updated May 2026
KVK Number on Your Website: Is It Required?
UpdatedDutch businesses must display their KVK number on their website. Here is where to put it and what else is required.
9 min read · Updated May 2026
KVK number on Google Business Profile: required or not?
UpdatedShould your KVK number be on your Google Business Profile? The law says one thing, Google has no field for it, and AI Overviews read your profile. What to do.
6 min read · Updated May 2026
VAT Number Display: NL Sole Proprietors, Watch Out for BSN
UpdatedDutch sole proprietors must display a BTW-ID on their website, not their old BTW-nummer which contains their BSN. Here is what to use.
11 min read · Updated May 2026
Germany: §5 DDG Replaced §5 TMG, Update Your Impressum
UpdatedThe German TMG was replaced by the DDG in 2024. If your Impressum still references TMG, here is what changed and how to update it.
11 min read · Updated Apr 2026
Terms & Conditions for Your Website: What to Include
UpdatedTerms and conditions template for Dutch websites: what to include for webshops and service sites under EU consumer law, plus what you can skip.
7 min read · Updated Apr 2026
E-Commerce
Dutch Webshop T&Cs: What BW Boek 6 Requires
UpdatedDutch webshop terms and conditions (algemene voorwaarden) under Boek 6 BW: what they must contain, how to make them binding, and what the ACM checks.
7 min read · Updated Apr 2026
Webshop Withdrawal Button: New Rule June 2026
UpdatedDirective (EU) 2023/2673 requires webshops to provide a digital withdrawal button for online services from June 19, 2026. What this means for Dutch e-commerce.
8 min read · Updated May 2026
"Buy Now" vs "Order": Why Your Button Text Matters Legally
UpdatedEU law requires specific wording on order buttons. The wrong text could make your orders non-binding. Here's what your checkout button must say.
7 min read · Updated Apr 2026
Dutch Webshop Compliance: Complete Checklist
UpdatedA full checklist of legal requirements for online shops in the Netherlands. KVK, order buttons, withdrawal rights, pricing rules and more.
10 min read · Updated May 2026
EU Checkout Rules: Button Text, Pricing, Consent
UpdatedEU checkout rules under Directive 2011/83/EU: order button text, price display, withdrawal rights and consent before the customer clicks Buy.
10 min read · Updated Apr 2026
EU Consumer Rights for Online Sellers: Plain-Language Guide
UpdatedEU consumer rights for online sellers: the 14-day withdrawal right, Omnibus pricing rules and pre-contractual disclosures in plain language.
9 min read · Updated May 2026
EU 14-Day Right of Withdrawal: Rules, Exceptions & Refunds
UpdatedEU 14-day right of withdrawal explained: when it starts, 8 exemptions, 14-day refund deadline, 12-month penalty for not informing buyers.
9 min read · Updated May 2026
EU Omnibus Price Display: The 30-Day Prior Price Rule
UpdatedThe EU Omnibus Directive's price-display rule requires showing the lowest price from the past 30 days when you advertise any discount. Here is what counts.
9 min read · Updated May 2026
Email Marketing
Is Double Opt-in Required? It Depends on the Country
UpdatedIs double opt-in required? Yes in Germany, recommended in Austria, optional elsewhere. What ePrivacy and GDPR say per country.
9 min read · Updated May 2026
Newsletter Signup Forms: GDPR Requirements
UpdatedYour newsletter signup form needs more than a checkbox. Here are the GDPR rules for email consent, what to store and how to avoid common mistakes.
9 min read · Updated May 2026
Pre-checked Signup Boxes Are Illegal: Here's Why
UpdatedPrechecked checkbox illegal under GDPR: the CJEU Planet49 ruling (C-673/17) confirms pre-ticked boxes do not produce valid consent. What to fix on your forms.
10 min read · Updated May 2026
SPF, DKIM and DMARC: Email Security in Plain Language
UpdatedSPF, DKIM and DMARC explained simply. Learn what they do, why you need them and how to set them up for your domain.
7 min read · Updated May 2026
Why Your Business Emails End Up in Spam (And How to Fix It)
UpdatedBusiness emails landing in spam? You're probably missing SPF, DKIM or DMARC records. Here's what they are and how to set them up.
8 min read · Updated Apr 2026
Email Marketing Consent: Country-by-Country Rules
UpdatedEmail marketing rules differ across Europe. Here are the consent requirements for the Netherlands, Germany, UK, Belgium and more.
11 min read · Updated Apr 2026
EU Soft Opt-in: Email Customers Without Consent
UpdatedThe soft opt-in lets you email existing customers without explicit consent. But strict conditions apply. Here's how it works.
8 min read · Updated May 2026
Images & Copyright
Copyright Claim Letter: What to Do (and What to Avoid)
UpdatedReceived a Pixsy, CopyTrack or PicRights demand letter? What the claim actually means under Dutch copyright law, how to negotiate, and when to call a lawyer.
9 min read · Updated May 2026
How Much Does a Copyright Claim Actually Cost? (EU)
UpdatedHow much a copyright claim costs in the EU: real settlement ranges for Getty Images, Copytrack and PicRights demands plus what drives the price up or down.
7 min read · Updated May 2026
Received a CopyTrack or Picright Claim? Is It Legitimate?
UpdatedCopyTrack and Picright send copyright claims for unlicensed images on websites. Are these claims legitimate? What to do and what not to do when you receive one.
8 min read · Updated Apr 2026
Received a Getty Images Letter? A Complete Response Guide
UpdatedGetty Images letter: what the demand means, Dutch case law on damages, how to negotiate, realistic settlement ranges for small businesses.
7 min read · Updated Apr 2026
Should You Ignore a Copyright Demand Letter? (EU)
UpdatedShould you ignore a Getty, Copytrack or PicRights demand letter? Why silence usually backfires and the rare situations where it might be the right call.
6 min read · Updated May 2026
Web Designer Copyright: Who Pays for Bad Images?
UpdatedWeb designer copyright liability under Dutch Auteurswet: who pays when images are unlicensed, how to claim from the designer, contract clauses to add.
8 min read · Updated Apr 2026
AI-Generated Code and Open-Source Licences
UpdatedCopilot or Cursor wrote GPL code into your site. The site operator distributes it, not the AI. What Doe v. GitHub decided and what you can actually do.
14 min read · Updated May 2026
AI-Generated Images on Your Business Website (NL 2026)
UpdatedArticle 50(4) of the AI Act applies 2 Aug 2026. The four risk layers a Dutch SMB should check before publishing AI-generated images on a website.
14 min read · Updated May 2026
Free Stock Photo Sources for Business Websites
UpdatedFind free stock photo sources that are safe for commercial use on your business website. Unsplash, Pexels, Pixabay and more, with license details.
9 min read · Updated May 2026
How to Scan Your Website for Copyrighted Images
UpdatedLearn how to find copyrighted images on your website before enforcement agencies do. Manual and automated methods to check every image.
6 min read · Updated May 2026