HomeFix guides → Form privacy notice present

gdpr

How to fix: Form privacy notice present

GDPR Art. 13

Why this matters

Forms that collect personal data — even a name and email — must show a privacy notice or link to the privacy policy at the point of collection, not buried in the footer.

Background

When a form collects personal data, GDPR requires a just-in-time privacy notice at that point. Even a link to your privacy policy works ('By submitting this form, you agree to our [privacy policy]'). Most sites miss the link on contact + newsletter forms.

References

GDPR Art. 13 — information to be provided at point of collection

How to fix

Code snippet for each stack we cover. Pick the one matching your server / framework.

nginx
No server config — form-template edit.
apache
Same.
cloudflare
Same.
wordpress
Add a privacy-link snippet under every form: <p>By submitting, you agree to our <a href="/privacy-policy">privacy policy</a>.</p>
flask
Add the same snippet to every form template.
express
Same.
rails
Same.

Verify it's working

Open every form on your site. Each should display a privacy policy link or just-in-time notice nearby.

Want to know if your site has this issue?

Run a free 53-check audit — security, GDPR, NIS2, and technical SEO.

Audit my site →