Website Check and Web App Check
ePrivacy provides consultation for companies for the design of websites and web apps if there are high demands on data privacy and data security to be met. Certification in the form of the recognized ePrivacyseal or ePrivacyApp data protection seals will be possible where a product meets the stringent requirements as to data protection and data security to an exemplary degree.
What is the difference between a website and a web app?
Unlike a website, a web app (short for web application) is a server-sided application program with which clients can be connected. The application program will therefore not be run locally on a computer or mobile end device of the use, but on a server. The user only receives the results which the web app runs.
A web app generally includes one or more databases, in which the information provided by the user and other data are stored. In general, a web app communicates using the HTTP protocol. Because smartphones, tablets, new devices and mobile technologies are gaining ground, many developers program web apps which can be accessed through an app installed on a mobile.
The storage and administration of user data on the server side poses the following security questions for website and web application providers:
- Is the privacy statement on the website complete?
- Are plug-ins like Google Analytics or for social media adequately presented?
- Are all cookies or mobile identifiers which the website/web app sets listed?
- Is the login area adequately encrypted?
- Can a potential attacker tap data from the web app or even take control (hijacking)?
- Is the communication between the mobile product and the web app sufficiently protected?
- Is the website/web app sufficiently protected against attack scenarios currently known?
Many users are concerned about the possibility of providers misusing their data or disseminating information to third parties. In order to review data protection and data security within a website or web app, more and more users and providers are requesting a professional certification, and thereby build confidence in that app.
Why is it useful for operators of web apps and websites to consult ePrivacy or to have a certification with the ePrivacyseal or ePrivacyApp?
- Websites and web apps can be developed from the start in such a way that they are commensurate with the currently applicable law (“Privacy by Design”)
- The need for any subsequent amendments in line with data protection and data security regulations can be dispensed with
- Data breaches and the associated subsequent financial losses and loss of reputation can be avoided
- Connected car providers become familiar with any technical flaws in their products with regard to data protection and data security and are able to rectify these before any critical data leaks occur
- With a certificate for a website or web app you show that you pay particular attention to data protection and create trust
ePrivacy web app services
- Advice on privacy by design and privacy by default approaches to new products and services
- Verification of compliance with currently relevant data protection regulations and security standards
- Data protection impact assessment for new websites and web apps (Privacy Impact Assessment)
- Data protection certification in accordance with German, EU or Swiss law in the form of the ePrivacyseal
- Technical verification of apps on the basis of potential current and future attack scenarios
ePrivacy will assist you in designing your products, technologies and services in line with the extremely stringent requirements imposed by applicable data protection legislation. We will help you and your employees to ensure the secure handling of customer and user data.
Please feel free to contact us - we will be happy to assist you!