German GDPR
in progress
Katia Trost
Hi guys, Germany has even stricter GDPR laws than the EU, unfortunately. This limits our options when it comes to choosing platforms like EzyCourse. I really like the idea of EzyCourse, but for the moment, I will have to continue using Elopage, which is a German platform, that I am not too happy with, but that complies with German GDPR. I know there are some other requests concerning GDPR, but I want to make sure you really have all the important points when it comes to Germany.
- Servers should be in Germany or the EU at least (you have that feature now, I think)
- You as a server provider need to be able to trace all data movements (in case data leaks occur). So everyone working with the data (that includes subcontractors etc) needs to sign a privacy policy that they will comply with the GDPR (another person informed you about this already).
- We as members of EzyCourse will have to provide this information to our customers. We will also have to provide something called "imprint" (Impressum), which contains our company's legal information. So there needs to be a separate page for: imprint (Impressum), privacy policy (Datenschutz) and, terms of service (AGB). I am attaching the footer of my German website. This is what it should look like on the customer's end. In Summary, EzyCourse will have to provide the technical means for us to put out the information in the footer the way I show you on my website.
- Since customers need to consent to these things, we will need check boxes when people are checking out at their purchase. Also, EU law requires informing people about revocation (usually 14 days, but you can exclude it for online products, but only through individual agreement, like a check box, not in the terms of service!). Extra custom boxes are also very welcome (to inform people about the cancellation policy of an appointment, for example!)
- Cookie notice: needs to be adjustable in terms of individual consent. People need to be able to opt out of cookies. It is customary to have cookie notices differentiate between: consent to all cookies, do not consent, consent to essential cookies only. See this German legal text about it, you may have to translate: https://www.e-recht24.de/tracking-cookies/8451-hinweispflicht-fuer-cookies.html
- Correct VAT identifications on bills: Regular online products are taxed at 19%, but ebooks are only taxed at 7%. Also, some products do not get taxed with VAT. This is the case if the service is exempt: I am a therapist, for example, and get to offer appointments without VAT. I would love to use Ezycourse for my group therapy, but I can't if I can't stipulate the correct VAT for every product/membership I sell. Another case of exemption would be selling products B2B within the EU. If someone who lives in Austria, for example, would like to take part in my online class that regularly gets taxed at 19%, they will need a net invoice. This is called reverse charge. Therefore people need to be able to tick a box if they are B2B clients, which can easily happen if someone is taking a class as a business training (I train colleagues). So in a way the system needs to be able to recognize where the customer is coming from (country) and if it is a B2B customer.
- Transparent monthly reports: many people need to declare their VAT transactions monthly. In order to do this, we need a very clear report on all monthly sales as well as the VAT proportions. All sales with 19%, 7% or 0% need to be grouped together. I am happy to provide you with an example from Elopage that is compliant and user friendly for accountants. These reports need to coincide with the monthly cash-outs, of course. So all transactions and profits can be easily traced on the sales reports.
- It must be possible for customers to cancel/pause memberships/subscriptions themselves in an easy way, through a button or so.
- Free products can't be declared as "free" if we are using them to generate lead magnets. We will have to be able to tell people that they are free of charge, but that we will collect data. So the wording at the check-out counts.
I know this is a lot to ask from a platform. Unfortunately, German entrepreneurs don't really have a choice in the matter. All of this comes at great financial costs for us. The problem is that the non-compliance with even one of the points above will open us up to liability. And there are people out there actively looking for liabilities in online shops and websites. They will blackmail you to pay money or otherwise report you to the authorities. There are huge fines for data infringements. Also, German tax authorities are extremely demanding. If they think your billings or the reports that you base your VAT/income tax on are sketchy, they will order a tax audit. Therefore, reports and billing (which needs to be automatic, not on request) need to be impeccable.
I hope that helps. I would really like to start using EzyCourse. But for the moment I am opening myself up to liability. If you want to work with German customers, you need to consult with German lawyers on all of the above topics, especially privacy policy and tax regulations. Katia
Amani Saaduddin
in progress
t
tahiana bohan
Hi, I'm wondering if everything you're mentioning are actually a common EU GDPR rules (except points 6 & 7),because I have the same issues in France which keep me from implementing Ezycourse at the moment.
Points 6 and 7 are VAT calculations and payment issues which would in any case benefit everyone. I think Thrivecart Pro checkout pages and Payhip do this well, as the calculations are automatic based on where the buyer is coming from and whether they tick a "I am a business" box.
Niko Kupper
wow! Sehr gut zusammengefasst - vielen Dank dafür.
Amani Saaduddin
planned