Christian Bernieri - DPO
“A fucking good DPO” - Data Protection advocate. IAPP CIPP/E - privacy “is something that should be left to those who know it.” The blog is here: https://t.co/iVsCzmsZtr

Feb 4, 2019, 6 tweets

The brand new website for the new Italian Income Support is not #GDPR aware.
Privacy note: missing
Safety Headers: missing
Third-party requests: 13 very unnecessary
Grabbing Referrer
Data sharing with Google
Server in USA
No SRI no CSP
@PrivacyMatters @meobaldo @_digitaLeasy

#RedditoDiCittadinza website is definitely not the cream of the crop... rather, it is absolutely unacceptable because the government is breaking the law.
I hope there will be a full privacy notice and better compliance soon, at least before the massive data processing in May.

I hope that the Italian DPA will look after this website because it will be used by millions of Italian people (Unemployed Workers - Low-Income Families - Severe Poverty).
The website is already processing tons of personal data, without any data protection, and IS sharing data with Google.

The Italian DPA has confirmed all these concerns:

On the website a brand new privacy notice has popped up... unfortunately, it is not fully GDPR compliant. The cookie law part is hilarious: the user who disagrees has to change browser settings! Google fonts are still not stored on the website server.
We deserve something better.
