Websites are facing the risk of being taken offline, be GDPR compliant 

In a recent ruling, a court ordered a law firm to take their website offline because the site did not have a proper GDPR privacy statement. If the firm didn’t take the site offline, they would have to pay 250,000€.

Patrick Dewald, CEO of GDPR specialist GDPRWise explains: “The court emphasises that compliance with the GDPR is an obligation that every company must invest in. According to the court, a company that does not given GDPR the attention it deserves is practicing unfair competition and that cannot be allowed. That is why the court ruled that the company website must be offline until it is compliant with the GDPR.”

GDPRWise developed a GDPR policy checker and checked more than 500 Belgian/Flemish websites. The results were striking. More than three quarters of the checked websites failed the test and therefore risk being removed from the internet according to recent case law. 52% don’t even have a privacy policy online at all.

Patrick Dewald : “We see that the majority of companies are taking big risks with GDPR. In addition to fines and problems with customers and consumer organisations, there is now also the threat that your site will be taken off the internet.”

It is also noticeable that sectors such as the liberal professions, medical and paramedical professions and catering, score worse than ordinary traders and e-commerce. However, those professions handle more and more sensitive personal information and you would expect them to score better in terms of GDPR.

“We also clearly notice that many sites that do have a privacy statement have simply copied it from somewhere else, without that statement being adapted to their business. Such sites run an ever higher risk we believe,” Patrick Dewald continues, “For example each privacy statement must state that the consumer can file a complaint with the Data Protection Authority (DPA). No less than 72% of the privacy statements still refer to the old name privacy commission or commission for the protection of privacy. That is of course a clear signal that your privacy policy is hopelessly out of date.”


If you want to test whether you run the risk of having to go offline because your GDPR privacy policy is not good enough, you can check it for free via

Here is the link to the German court ruling