I've also implemented GDPR. Of course it's complex, it's a continent wide law, how could it not be complicated?
But I still think that "don't track your users without their informed consent" is a good summary of the intention of the law.
And I would also say that's it's only really complex to implement if you were already tracking your users and now you need to change everything. If you weren't doing that, you'd probably find it remarkably easy to implement.
But I still think that "don't track your users without their informed consent" is a good summary of the intention of the law.
And I would also say that's it's only really complex to implement if you were already tracking your users and now you need to change everything. If you weren't doing that, you'd probably find it remarkably easy to implement.