{"id":14639,"date":"2025-09-19T11:39:56","date_gmt":"2025-09-19T09:39:56","guid":{"rendered":"https:\/\/map.dannynetwork.duckdns.org\/?post_type=helpdesk&#038;p=14639"},"modified":"2026-01-02T10:47:50","modified_gmt":"2026-01-02T09:47:50","slug":"guide-to-using-the-my-agile-privacy-policy-assistant","status":"publish","type":"helpdesk","link":"https:\/\/www.myagileprivacy.com\/en\/helpdesk\/guide-to-using-the-my-agile-privacy-policy-assistant\/","title":{"rendered":"Guide to Using the My Agile Privacy\u00ae Policy Assistant"},"content":{"rendered":"<p>The My Agile Privacy<sup>\u00ae<\/sup> Policy Assistant was designed to simplify the creation of Privacy and Cookie Policies that are truly compliant with applicable regulations.<br \/>\nThe process is intuitive and guided: by answering a series of questions about your business and your website\u2019s features, the Policies will be updated based on your specific use case. The whole process only takes a few minutes and just a handful of simple steps.<\/p>\n<h2>Welcome: let\u2019s get started together<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-14641 size-large\" src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-1-eng-1024x400.png\" alt=\"\" width=\"1024\" height=\"400\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-1-eng-1024x400.png 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-1-eng-300x117.png 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-1-eng-768x300.png 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-1-eng.png 1465w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>It\u2019s time to prepare and gather the information you will need.<br \/>\nTake a moment to make sure you have your company details handy, a list of your website\u2019s features, and a clear idea of where your customers are 
located.<\/p>\n<p>The progress bar at the top shows you the entire journey and your current status.<br \/>\nEach step comes with clear explanations and practical examples.<\/p>\n<h2>Localization: where you operate and who your business serves<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-14643 size-large\" src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-2-eng-1024x897.jpg\" alt=\"\" width=\"1024\" height=\"897\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-2-eng-1024x897.jpg 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-2-eng-300x263.jpg 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-2-eng-768x673.jpg 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-2-eng.jpg 1465w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>This step is essential to determine which laws apply to your business. It\u2019s important to define both where your business is based and where your clients and users are located, in order to correctly identify which regulations apply.<\/p>\n<p><strong>Where you are based:<\/strong> this determines the main jurisdiction under which you operate. Select the country where your company is legally registered from the dropdown menu.<\/p>\n<p><strong>Where your customers are located:<\/strong> here you have two main options. If your business is purely local, you can choose \u201cOnly in my country.\u201d But if your horizons are broader, you\u2019ll need to select \u201cChoose countries\u201d and specify the regions where you intend to operate.<\/p>\n<p>When you specify that your customers are in multiple regions, you\u2019ll see a list of geographic areas appear.<br \/>\nYou\u2019ll need to select the regions where your customers are located (Any EU country, United Kingdom, Canada, Switzerland, Brazil, United States, etc.).<\/p>\n<p>Since each U.S. 
state adopts its own privacy regulations, for the United States you can select individual states such as California, Colorado, Connecticut, and others.<\/p>\n<p>Based on your selections, the assistant automatically identifies which regulations may apply to your case, from the list below:<\/p>\n<ul>\n<li style=\"text-align: left;\">GDPR (EU &amp; UK)<\/li>\n<li style=\"text-align: left;\">nLPD \/ nFADP (Switzerland)<\/li>\n<li style=\"text-align: left;\">PIPEDA (Canada)<\/li>\n<li style=\"text-align: left;\">LGPD (Brazil)<\/li>\n<li style=\"text-align: left;\">CCPA\/CPRA (California)<\/li>\n<li style=\"text-align: left;\">CPA (Colorado)<\/li>\n<li style=\"text-align: left;\">CTDPA (Connecticut)<\/li>\n<li style=\"text-align: left;\">DPDPA (Delaware)<\/li>\n<li style=\"text-align: left;\">MCDPA (Minnesota)<\/li>\n<li style=\"text-align: left;\">MTCDPA (Montana)<\/li>\n<li style=\"text-align: left;\">NDPA (Nebraska)<\/li>\n<li style=\"text-align: left;\">NRS 603A (Nevada)<\/li>\n<li style=\"text-align: left;\">NHPA (New Hampshire)<\/li>\n<li style=\"text-align: left;\">NJDPA (New Jersey)<\/li>\n<li style=\"text-align: left;\">OCPA (Oregon)<\/li>\n<li style=\"text-align: left;\">TIPA (Tennessee)<\/li>\n<li style=\"text-align: left;\">TDPSA (Texas)<\/li>\n<li style=\"text-align: left;\">UCPA (Utah)<\/li>\n<li style=\"text-align: left;\">VCDPA (Virginia)<\/li>\n<\/ul>\n<p>You\u2019ll see colored info panels for each regulation, with key details for each: you\u2019ll need to confirm which ones apply to your specific case.<\/p>\n<p>This step determines the entire legal framework of your Policies.<br \/>\nThe assistant uses this information to tailor texts, obligations, and rights specific to each jurisdiction.<br \/>\nThis way, your Privacy Policy will reflect your real situation.<\/p>\n<h2>Identity: Data Controller and DPO<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-14645 size-large\" 
src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-3-eng-1024x524.png\" alt=\"\" width=\"1024\" height=\"524\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-3-eng-1024x524.png 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-3-eng-300x154.png 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-3-eng-768x393.png 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-3-eng.png 1465w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Here we collect the essential information about the Data Controller.<br \/>\nLegally speaking, you (or your company) decide how and why personal data is collected and used. For this reason, users must clearly know who is managing their personal data. You\u2019ll need to fill out:<\/p>\n<p><strong>Company or website owner\u2019s name:<\/strong> this becomes the \u201cData Controller\u201d in your Policies. This field clearly identifies who is responsible for the collected data.<\/p>\n<p><strong>Business email:<\/strong> this is the main channel through which users can contact you regarding their Privacy rights.<\/p>\n<p><strong>Company address<\/strong> and <strong>VAT number<\/strong> are not mandatory fields\u2014you may be an individual. 
But if you\u2019re a company, this information completes the picture and provides users with everything they need to be informed about data collection.<\/p>\n<h3>The DPO: who they are and why they matter<\/h3>\n<p>As you can see, there\u2019s a checkbox asking if you have a <strong>Data Protection Officer (DPO).<\/strong><br \/>\nThe DPO is a professional role that oversees privacy compliance, acts as a liaison with supervisory authorities, and advises the company on data protection matters.<\/p>\n<p>Not every business is legally required to have one: it is generally mandatory for public bodies, companies that conduct large-scale systematic monitoring, or that process large amounts of special categories of data (such as health or judicial data).<\/p>\n<p>However, even smaller companies may choose to appoint one, to ensure greater security in privacy management.<br \/>\nSo, if you have one, tick the box and fill in the additional fields with your DPO\u2019s information. Otherwise, move on.<\/p>\n<h2>Website features: what your site really does<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-14647 size-large\" src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-4-eng-1024x386.png\" alt=\"\" width=\"1024\" height=\"386\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-4-eng-1024x386.png 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-4-eng-300x113.png 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-4-eng-768x289.png 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-4-eng.png 1465w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Here you specify exactly what happens on your website: from the list of features, you must select only those that are actually active.<br \/>\nThe resulting Policies will also be tailored based on this information.<\/p>\n<p>Each entry represents a 
different way of interacting with your users, and therefore a different type of data collection:<\/p>\n<p><strong>Contact forms:<\/strong> probably the most common feature. If your website has even a simple \u201cContact Us\u201d page or a request form, this box must be selected.<\/p>\n<p><strong>Online payments:<\/strong> covers the entire e-commerce world, from selling physical products to digital services, subscriptions, and one-time payments.<br \/>\nIf you process transactions and manage financial data and billing information, this option must be selected.<\/p>\n<p><strong>Account registration:<\/strong> covers any system that allows users to create a profile: reserved areas, personal dashboards, login systems.<\/p>\n<p><strong>Newsletter and email marketing:<\/strong> includes not only classic newsletters, but also promotional SMS, direct mail, and any direct marketing communication.<\/p>\n<p><strong>Reviews and feedback:<\/strong> includes rating systems, customer testimonials, satisfaction surveys, and any mechanism to collect user opinions.<\/p>\n<p>Two options deserve particular attention:<\/p>\n<p><strong>Minors\u2019 personal data:<\/strong> if your site collects data from individuals under 18, you must select this option.<br \/>\nMinors\u2019 data has special protections under all major regulations.<\/p>\n<p><strong>Special categories of personal data:<\/strong> these are so-called \u201csensitive data\u201d\u2014information on health, political orientation, religion, sexual orientation, biometric or genetic data. 
If your site collects this type of information, it requires even stricter legal protections.<\/p>\n<p><em><strong>Warning: select only the features that you have actually activated.<\/strong> It\u2019s important to be accurate and avoid providing incorrect information, in order to prevent confusion and legal issues.<\/em><\/p>\n<p>Each feature you select will result in specific sections being included in the Policies, explaining:<br \/>\n- Which data is collected for that feature;<br \/>\n- Why it is necessary (the legal basis);<br \/>\n- How it is used;<br \/>\n- What rights users have regarding that data.<\/p>\n<h2>Data sharing: do you transfer data to other countries?<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-14649 size-large\" src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-5-eng-1024x599.png\" alt=\"\" width=\"1024\" height=\"599\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-5-eng-1024x599.png 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-5-eng-300x175.png 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-5-eng-768x449.png 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-5-eng.png 1465w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Rarely does a website operate in complete isolation: you probably use hosting, analytics, email marketing, or other services that may have servers in countries different from yours.<\/p>\n<p><strong>Do you use providers located outside the EU, Switzerland, or other countries recognized as adequate?<\/strong><br \/>\nInternational transfers aren\u2019t just the obvious ones (like using a U.S. 
server) but may be hidden in seemingly harmless services:<\/p>\n<ul>\n<li>Your <strong>hosting service<\/strong> may have globally distributed data centers, and data could automatically end up on non-European servers to optimize performance.<\/li>\n<li><strong>Analytics systems<\/strong> such as Google Analytics process data on international servers, even when configured for compliance.<\/li>\n<li><strong>Email marketing platforms<\/strong> often have global infrastructures, and each newsletter sent may pass through servers in third countries.<\/li>\n<li><strong>Customer support<\/strong> and helpdesk services may be based in countries with different regulations.<\/li>\n<li>Even <strong>CDNs and optimization systems<\/strong> distribute your content (and potentially user data) on servers around the world.<\/li>\n<\/ul>\n<h3>\u201cAdequate countries\u201d and all others<\/h3>\n<p>The European Union maintains a list of countries considered \u201cadequate,\u201d meaning with protection standards essentially equivalent to European ones. If your data is exported only to these countries, you can proceed to the next step (<a href=\"https:\/\/commission.europa.eu\/law\/law-topic\/data-protection\/international-dimension-data-protection\/adequacy-decisions_en\" target=\"_blank\" rel=\"noopener\">you can find the list of adequate countries here<\/a>).<\/p>\n<p>But if you use services based in other countries not considered adequate, you must select the option. 
A list of countries will appear, and you\u2019ll need to select the ones where your data is shared.<\/p>\n<h2>Security measures<\/h2>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-14651 size-large\" src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-6-eng-1024x359.png\" alt=\"\" width=\"1024\" height=\"359\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-6-eng-1024x359.png 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-6-eng-300x105.png 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-6-eng-768x269.png 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2025\/09\/wizard-step-6-eng.png 1465w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>The final step focuses on the concrete measures you\u2019ve put in place to protect your users\u2019 data.<br \/>\nAll the options you have implemented must be selected.<\/p>\n<p><strong>Encrypted communications (HTTPS):<\/strong> probably the most universal measure. If your site uses the HTTPS protocol (and it always should), this box must be selected. It means all communications between users\u2019 browsers and your server are encrypted, preventing interception during transfer.<\/p>\n<p><strong>Log monitoring:<\/strong> refers to the ability to track who accesses systems and when. If you have systems that log access, detect suspicious activity, or track changes to data, tick this box.<\/p>\n<p><strong>Regular backups:<\/strong> one of the most concrete protections against data loss. If you have automated or manual procedures that create backup copies of data, regularly tested for restoration, select this option.<\/p>\n<p><strong>Security audits and checks:<\/strong> represent a more sophisticated level of protection. 
If you regularly commission penetration tests, vulnerability checks, or third-party security audits, this option should be selected.<\/p>\n<p><strong>Data access limitation:<\/strong> concerns your internal policies. If you\u2019ve implemented granular authorization systems, staff training on security procedures, and controls over who can access which data, this is an important organizational measure and the box should be selected.<\/p>\n<p>Once this step is completed, you can click on \u201cFinish configuration\u201d to move to the final step, which automatically generates the Policies and guides you through the next step: publishing the Policies on your site.<\/p>\n<h2>Policy Display<\/h2>\n<p>It\u2019s time to add the policies to pages on your site that users can access.<br \/>\nFrom the menu item <em>My Agile Privacy<sup>\u00ae<\/sup> &gt; Privacy Settings<\/em>, go to the POLICIES AND REGULATIONS tab.<br \/>\nHere, link the pre-filled texts to the Personal Data Policy and Cookie Policy pages. 
Select the correct page from your site and insert the provided shortcode to display the updated policy.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-9409 size-large\" src=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2024\/01\/install-plugin-04-1024x839.jpg\" alt=\"\" width=\"1024\" height=\"839\" srcset=\"https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2024\/01\/install-plugin-04-1024x839.jpg 1024w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2024\/01\/install-plugin-04-300x246.jpg 300w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2024\/01\/install-plugin-04-768x629.jpg 768w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2024\/01\/install-plugin-04-1536x1258.jpg 1536w, https:\/\/www.myagileprivacy.com\/wp-content\/uploads\/2024\/01\/install-plugin-04.jpg 1920w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n","protected":false},"template":"","categoria-helpdesk":[],"versione-plugin":[30],"class_list":["post-14639","helpdesk","type-helpdesk","status-publish","hentry","versione-plugin-wp-edition"],"acf":{"helpdesk_in_evidenza":false,"helpdesk_ordine":"","elenco_faq_articolo":[{"domanda":"What is the My Agile Privacy\u00ae Policy Assistant used for?","risposta":"The My Agile Privacy\u00ae Policy Assistant is a tool designed to simplify the creation of Privacy and Cookie Policies that comply with relevant regulations. By guiding the user through a series of questions about their business and website characteristics, it automatically generates customized Policies in just a few minutes."},{"domanda":"Which privacy regulations does the assistant identify based on location?","risposta":"The assistant automatically identifies the applicable regulations based on the company's location and the position of its customers. 
Among the recognized regulations are: GDPR (EU and UK), nLPD\/nFADP (Switzerland), PIPEDA (Canada), LGPD (Brazil), CCPA\/CPRA (California), and numerous US state laws such as CPA (Colorado), CTDPA (Connecticut), TDPSA (Texas), VCDPA (Virginia), and others."},{"domanda":"Is it mandatory to have a Data Protection Officer (DPO)?","risposta":"No, not all companies are legally required to have a DPO. It is generally mandatory for public bodies, companies that carry out large-scale systematic monitoring, or that process special categories of data on a large scale (such as health or judicial data). However, even smaller companies may choose to appoint one for greater security in privacy management."},{"domanda":"Which website features can be declared in the assistant?","risposta":"You can select the following features that are actually active on the website: contact forms, online payments, account registration, newsletters and email marketing, reviews and feedback, collection of personal data from minors, and processing of special categories of personal data (sensitive data such as health, biometric, religious information, etc.)."},{"domanda":"Why is it important to indicate whether data is transferred to other countries?","risposta":"Many common services such as hosting, analytics, email marketing, and CDNs may transfer data to servers located in third countries, even without the user being aware of it. 
If data is shared with countries not considered 'adequate' by the European Union (i.e., with lower protection standards than European ones), this must be stated in the Policies to ensure regulatory compliance."},{"domanda":"Which data protection measures can be declared in the assistant?","risposta":"The protection measures that can be selected are: communication encryption (HTTPS), access log monitoring, periodic data backups, security audits and checks carried out by third parties, and restriction of data access through authorization systems and staff training."},{"domanda":"How are the generated Policies displayed on the website?","risposta":"Once the configuration is complete, you need to go to My Agile Privacy\u00ae &gt; Privacy Settings and navigate to the 'Policies and Regulations' tab. From there, you associate the pre-filled texts with the Personal Data Policy and Cookie Policy pages, selecting the correct page from the website and entering the provided shortcode to display the updated policy."}]},"_links":{"self":[{"href":"https:\/\/www.myagileprivacy.com\/en\/wp-json\/wp\/v2\/helpdesk\/14639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.myagileprivacy.com\/en\/wp-json\/wp\/v2\/helpdesk"}],"about":[{"href":"https:\/\/www.myagileprivacy.com\/en\/wp-json\/wp\/v2\/types\/helpdesk"}],"wp:attachment":[{"href":"https:\/\/www.myagileprivacy.com\/en\/wp-json\/wp\/v2\/media?parent=14639"}],"wp:term":[{"taxonomy":"categoria-helpdesk","embeddable":true,"href":"https:\/\/www.myagileprivacy.com\/en\/wp-json\/wp\/v2\/categoria-helpdesk?post=14639"},{"taxonomy":"versione-plugin","embeddable":true,"href":"https:\/\/www.myagileprivacy.com\/en\/wp-json\/wp\/v2\/versione-plugin?post=14639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}