Vienna, 06/25/26 4:42 p.m.
Start search with ⮠ [Enter]
Popular search terms
Hile
FAQ Contact
0xF1E500
Cursor

Become legally secure online – GDPR & Accessibility

A legally flawless website is often an important requirement today. GDPR, accessibility, legal notice requirements, data protection declaration - anyone who neglects these topics risks, in the worst case, paid warnings, legal fees and official consequences.

Legal security for your website

Many companies think this only happens to other people. Every year, numerous websites in Austria receive warnings - often because of small things that can easily be avoided with the right measures.

In addition to the direct costs of a warning, indirect consequences can also be noticeable: loss of trust among customers, damage to reputation or - if personal data is affected - official proceedings.

The good thing about it: With a little attention and a structured approach, the risk can be significantly reduced. And that is exactly our approach.

What does a website in Austria have to fulfill today?

GDPR – data protection

The GDPR has been in force since 2018 - and is increasingly being actively enforced. What this means specifically for your website:

Privacy Policy

You need a complete, understandable explanation of how you handle personal data. Important: A generic template is not enough. The explanation must reflect your actual situation. Do you use Google Analytics, Google Ads, Facebook Pixel or newsletter tools like Mailchimp? Any tool that collects or shares data should be mentioned.

Legal basis for data processing

Data may not just be collected - there always needs to be a legal basis. In most cases this is the consent of the user. This must be informed, voluntary and revocable at any time.

Cookies & Tracking

Anyone who uses tracking tools needs the active consent of website visitors - and that goes beyond a simple cookie banner. What is needed is a complete consent management system that makes rejecting just as easy as agreeing.

Information & Deletion

Anyone who processes personal data must be able to provide information upon request and delete data upon request. This sounds obvious, but in practice it requires clear internal processes.

Accessibility – BFSG 2025

For many companies, this topic is still new territory: The Accessibility Act (BFSG) will apply in full from June 2025. From this date, websites and online shops must be accessible to people with disabilities. This is a legal obligation, depending on various factors.

What this means in practice:

Visual accessibility

Visually impaired people use so-called screen readers to view websites. For this to work, you need a clean HTML structure with correct headings and lists, alt texts for all images, sufficient contrast ratios between text and background (at least 4.5:1) and the avoidance of purely color-based information.

Motor accessibility

All functions of a website must also be operable using the keyboard - without a mouse. This includes visible focus states (you can see which element is currently active) and the ability to exit all interactive elements.

Hearing impairments

Videos should have subtitles, podcasts should ideally be supplemented with a transcription.

Cognitive Accessibility

Clear, understandable language, consistent navigation and the absence of distracting animations help people with learning or concentration difficulties to fully grasp content.

Control and consequences: Compliance with the BFSG is checked by the authorities. Violations result in high fines. Additionally, inaccessible websites can lead to accusations of discrimination - a risk that goes well beyond the financial penalty.

How digitalists make your website legally compliant

  1. 1. Phase

    Compliance Audit

    We look at your website and check:
    – Is there a data protection declaration? Is it current?
    – Is there an imprint? Is it complete?
    – Do you use tracking tools? Are these compatible with data protection?
    – How is consent management?
    – Is the website barrier-free?
    – Are there other legal problems?
  2. 2. Phase

    Data protection strategy

    Based on your website and your business, we develop a data protection strategy:
    – What data do you collect?
    – Do you have the legal basis for this?
    – What tools do you use? Are these GDPR compliant?
    – How does consent management work?
    – How to handle your requests for data insight & Deletion?
  3. 3. Phase

    Implementation

    We implement and support:
    – A legally secure data protection declaration
    – A correct legal notice
    – The consent management tool (e.g. Cookiebot, OneTrust)
    – Correct configuration of all tracking tools
  4. 4. Phase

    Accessibility

    We make your website BFSG compliant:
    – Correct HTML structure
    – Alt text for all images
    – Check color contrasts & adjust
    – Test keyboard navigation & fix
    – Videos with subtitles
    – Accessible Forms (Labels, Error Messages, etc.)

Are you ready to become legally compliant?

A website that is not legally compliant is a risk - for your company and for your customers & Customers. We help you reduce this risk.

Get started now

FAQs

Frequently asked questions about legal certainty.

As a small company, am I really affected by the GDPR?
Yes. The GDPR applies to all companies that process personal data of people in the EU - regardless of size. Anyone who operates a website with a contact form, newsletter or Google Analytics already processes personal data and must meet the requirements. Missing data protection declarations, cookie banners or processing directories are common warning risks.

What is the BFSG and who does it affect?
The Accessibility Strengthening Act (BFSG) implements the EU directive for barrier-free digital products and services into Austrian law. From June 28, 2025, certain companies - including providers of online shops, banking, telecommunications and digital services - must make their websites and apps barrier-free. We check whether and to what extent you are affected.

What does accessibility mean specifically for my website?
Accessible websites are designed so that people with disabilities - e.g. B. visual impairments, motor limitations or learning disabilities – can make full use of them. Specifically, this means: sufficient color contrast, keyboard usability, alt texts for images, clearly structured headings, and compatibility with screen readers. The standard for this is called WCAG 2.1, Level AA.

Can I be warned for a non-GDPR compliant website?
Yes, there is a risk. Warnings due to missing or incomplete data protection declarations, incorrect cookie implementation or no order processing agreement with tools such as Google Analytics are documented in Austria and Germany. We help you eliminate the most common risks – without complex legal opinions. For in-depth legal advice, we also recommend a data protection lawyer.
Cases
CS 1920
JACOBS Icepresso campaign
OOH, DOOH, social media postings, advertising materials, HTML5 banners
Jacobs
JACOBS Icepresso Campaign
CS 695
Website relaunch for e-dialog
Screen design, WordPress programming, multilingualism
e-dialog
Website relaunch for e-dialog
CS 682
Website relaunch for UNICEF
Technical implementation, donation forms, print products
UNICEF AT
Website relaunch for UNICEF

Who are we?

As a creative digital agency, we develop solutions that not only inspire, but also deliver measurable results – thought and implemented sustainably.

What services do we offer?

Design & Print

Online Solutions

Online Marketing

Advice

What solutions do we offer?

Who have we already been able to work for?

Chamber of Labor
Family park
UNICEF
TU Vienna
Aperol
Campari
Children's Fund
e-dialog
Forest source
Country Lower Austria
Fair Fashion Blog for the AK ÖÖ Website relaunch for UNICEF Brand website by Stolichnaya

Write us a message

Message*
!

Thank you very much for the message. We'll be in touch shortly!

Write us a message

Message*
!

Thank you very much for the message. We'll be in touch shortly!