Webflow Professional Partner - Kirch & Kriewald

GDPR Webflow checklist: 7 mandatory steps for legal certainty

Webflow websites must meet GDPR requirements. These 7 points are mandatory for German companies:

  1. Implement cookie banners: Integrate Cookiebot, Consentmanager or Usercentrics via custom code
  2. Adjust the privacy policy: Add Webflow-specific information (server in USA, AWS hosting)
  3. Set up forms in compliance with GDPR: Implement a consent checkbox and double opt-in for newsletter registrations
  4. Configure Google Analytics: Activate IP anonymization, implement consent mode
  5. Host web fonts locally: Download Google fonts and upload them to Webflow Assets
  6. Create a full legal notice: Provider identification in accordance with §5 TMG with all mandatory information
  7. Check SSL encryption: Enable HTTPS forwarding in Webflow (automatically available)

Important note: Webflow servers are located in the USA. The EU-US Data Privacy Framework from 2023 makes this GDPR-compliant, but requires appropriate information in the privacy policy.

Webflow GDPR: Avoid the most common mistakes

1. Configure cookie banners correctly

Many Webflow websites still use the outdated "implied consent". Since 2021, explicit consent under Art. 7 GDPR has been mandatory.

Cookiebot integration (custom code):

<script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="[IHRE-ID]" type="text/javascript"></script>

2. Privacy policy: Webflow-specific information

These points must be included in your privacy policy:

  • Name Webflow Inc. as processor
  • Mention the AWS servers (Amazon Web Services) in the USA
  • State the EU-US Data Privacy Framework as a legal basis
  • Make data transmission to third countries transparent

3. Set up forms in compliance with GDPR

Standard Webflow forms can be used in compliance with GDPR if certain measures are followed:

Basic requirements for all forms:

  • Consent checkbox with clear wording
  • Transparent privacy policy link
  • Data processing agreement with Webflow (automatically through DPF certification)
  • Secure data transfer (HTTPS, standard with Webflow)

Double opt-in requirements:

  • Newsletter registrations: Double opt-in mandatory
  • Contact forms: Simple consent is sufficient

Form type               | Standard Webflow       | Double opt-in solution
------------------------|------------------------|---------------------------
Contact form            | ✅ GDPR-compliant      | Not required
Newsletter registration | ❌ Workaround needed   | Formtaxi, Netlify, MAKE
Lead generation         | ⚠️ Depends on purpose  | For e-mail marketing: yes

Google Analytics & Webflow: Set up in compliance with GDPR

Implement consent mode

Google Analytics 4 offers “Consent Mode” for cookieless tracking:

GA4 Consent Mode (head area):

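<script>
// Set up the dataLayer queue and the gtag() helper that pushes commands onto it.
// The commands are only processed once the gtag.js library is loaded on the page.
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
// Default state: no analytics or ad storage until the visitor consents.
// This call must run before the 'config' command below.
gtag('consent', 'default', {
  'analytics_storage': 'denied',
  'ad_storage': 'denied'
});
gtag('js', new Date());
// Replace GA_MEASUREMENT_ID with your GA4 measurement ID.
gtag('config', 'GA_MEASUREMENT_ID');
</script>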
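
The snippet above only sets the default state to denied; the state still has to be updated once the visitor makes a choice in the banner. An added example (not from the original article) of that update step, assuming the Cookiebot banner from section 1 and the gtag() function defined above; toConsentUpdate and applyConsent are hypothetical helper names:

```javascript
// Added example: translate the banner's stored choice into Consent Mode signals.
// Category names (statistics, marketing) follow Cookiebot's consent object.
function toConsentUpdate(consent) {
  const c = consent || {}; // no consent object yet: everything stays denied
  const flag = (granted) => (granted === true ? 'granted' : 'denied');
  return {
    analytics_storage: flag(c.statistics),
    ad_storage: flag(c.marketing),
    ad_user_data: flag(c.marketing),        // Consent Mode v2 signal
    ad_personalization: flag(c.marketing),  // Consent Mode v2 signal
  };
}

// `win` is injected so the function can be exercised outside a browser.
function applyConsent(win) {
  const update = toConsentUpdate(win.Cookiebot && win.Cookiebot.consent);
  // Must go through gtag(): it pushes the arguments object the tag expects.
  win.gtag('consent', 'update', update);
  return update;
}

if (typeof window !== 'undefined') {
  // Cookiebot dispatches these on window once the visitor's choice is known,
  // including on later page loads where a stored choice is restored.
  window.addEventListener('CookiebotOnAccept', () => applyConsent(window));
  window.addEventListener('CookiebotOnDecline', () => applyConsent(window));
}
```

Anything other than an explicit `true` for a category maps to 'denied', so a missing or malformed consent object never grants storage.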

Web fonts GDPR-compliant: Local hosting

Issue: Google Fonts transfers IP addresses to Google (USA)

Solution: Host fonts locally in Webflow

Instructions: Host Google Fonts locally

  1. Download the fonts from Google Fonts Helper
  2. Upload the WOFF2 files to Webflow Assets
  3. Define custom CSS with @font-face
  4. Use the font family in the typography settings
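
A way to verify the result of these steps, as an added example that is not part of the original article: scan a page's published HTML and CSS for references that still point at Google's font hosts. The sample markup, font names and file paths are constructed, and findGoogleFontRefs is a hypothetical helper name.

```javascript
// Hosts that serve Google Fonts; a reference to either one means the visitor's
// browser connects to Google and discloses its IP address.
const GOOGLE_FONT_HOSTS = ['fonts.googleapis.com', 'fonts.gstatic.com'];

// Collect URLs from href/src attributes, CSS url(...) and @import "..." rules.
function extractUrls(source) {
  const patterns = [
    /(?:href|src)\s*=\s*["']([^"']+)["']/gi,
    /url\(\s*["']?([^"')\s]+)["']?\s*\)/gi,
    /@import\s+["']([^"']+)["']/gi,
  ];
  const urls = [];
  for (const re of patterns) {
    for (const m of source.matchAll(re)) urls.push(m[1]);
  }
  return urls;
}

function findGoogleFontRefs(source) {
  const hits = new Set();
  for (const raw of extractUrls(source)) {
    // Protocol-relative URLs (//fonts.googleapis.com/...) appear in older embeds.
    const candidate = raw.startsWith('//') ? 'https:' + raw : raw;
    let host;
    try {
      host = new URL(candidate).hostname.toLowerCase();
    } catch {
      continue; // relative path, e.g. a locally hosted /fonts/*.woff2 file
    }
    // Exact host match, so look-alike hosts are not reported as Google's.
    if (GOOGLE_FONT_HOSTS.includes(host)) hits.add(raw);
  }
  return [...hits];
}

// Constructed sample: one locally hosted font and three remote references.
const SAMPLE_PAGE = `
<link href="https://fonts.googleapis.com/css2?family=Inter&display=swap" rel="stylesheet">
<style>
@import url("//fonts.googleapis.com/css?family=Roboto");
@font-face { font-family: "Inter"; src: url("/fonts/inter-latin-regular.woff2") format("woff2"); }
@font-face { font-family: "Old"; src: url(https://fonts.gstatic.com/s/old/v1/old.woff2); }
</style>`;
```

An empty result from findGoogleFontRefs on every published page indicates that the fonts are served from the site's own assets.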

Legal notice (Impressum) for Webflow websites

The legal notice must be reachable from every page in a maximum of 2 clicks.

Mandatory information according to §5 TMG:

  • Full name and address
  • Contact details (telephone, e-mail)
  • Commercial register entry (if available)
  • VAT ID
  • Professional liability insurance (for consultants)

GDPR audit: check Webflow website

Free tools for GDPR check:

Costs for a GDPR-compliant Webflow website

Area           | One-off | Monthly | Provider examples
---------------|---------|---------|--------------------------
Cookie banner  | 0€      | 29€     | Cookiebot, Usercentrics
GDPR forms     | 0€      | 9€      | Formtaxi, Netlify
Privacy policy | 200€    | 0€      | eRecht24, lawyer
GDPR audit     | 500€    | 0€      | Data protection officers
Total          | 700€    | 38€     | First year: ~1,200€

EU-US Data Privacy Framework Update 2023

On July 10, 2023, the EU-US Data Privacy Framework (DPF) was adopted by the European Commission as a new data protection agreement for data transfers to the USA.

Webflow, Inc. is certified under the DPF and is included in the official list of participating companies. However, data transmission is also based on Standard Contractual Clauses (SCCs) pursuant to Art. 46 GDPR to ensure a high level of data protection.

Conclusion

A GDPR-compliant Webflow website is easy to implement with the right measures. The 7-point checklist shows: Standard Webflow forms can be used in a legally secure manner as long as a consent checkbox is implemented. Double opt-in is only mandatory for newsletter registrations.

The biggest cost factors are cookie banners (29€/month) and professional data protection declarations (200€ one-off). With an investment of around €1,200 in the first year, you protect yourself against GDPR fines and build trust with your website visitors.

Important: Webflow's DPF certification makes the platform fundamentally GDPR-compliant. However, the individual website configuration is your responsibility. In case of uncertainty, advice from a data protection expert is recommended.
