gdpr
How to fix: Data controller identified
GDPR Art. 13(1)(a)
Why this matters
GDPR makes the 'data controller' — the legal entity deciding what to do with personal data — responsible for compliance. Visitors need to know who that is to exercise their rights, complain to a DPA, or pursue legal action.
Background
The Privacy Policy must identify the data controller (usually your registered company) by name + contact details. Anonymous 'we' + 'this site' phrasing fails GDPR Art. 13 — regulators specifically check for a named legal entity.
References
GDPR Art. 13(1)(a) — identity + contact details of the controller
How to fix
Code snippet for each stack we cover. Pick the one matching your server / framework.
nginx
No server config — content edit.
apache
Same.
cloudflare
Same.
wordpress
Edit Privacy Policy page. Include: registered company name, company number (CRO / Companies House), trading address, contact email for data requests.
flask
Same — privacy policy template edit.
express
Same.
rails
Same.
Verify it's working
Open /privacy-policy. Should see: registered company name + company number + trading address + data-protection contact email.
Want to know if your site has this issue?
Run a free 53-check audit — security, GDPR, NIS2, and technical SEO.
Audit my site →