Unconfigured YouTube videos on your website will likely break data protection laws.

Test your YouTube GDPR Compliance

Embedding YouTube videos on your website can be a quick and cheap way of serving video as we discussed here. However, one drawback we did not cover was the methods that YouTube use to collect personal data. The slightly alarming fact is that in most cases just embedding a YouTube video on your website allows YouTube collect visitor data - the visitor does not even have to watch the video before their data is collected by YouTube

Collecting data without explicit consent is now illegal in many countries, in particular it is illegal under EU GDPR rules. So what should you do?

First check if your YouTube videos on a webpage are GDPR compliant by copying your webpage URL (address) into the box below.

Enter your web pageURL, and then click 'Analyse YouTube content' Please note that you will need to do this for each page on your website with YouTube videos, we do not scan your entire website.

 
Youtube-enhanced-privacy
YouTube share showing check-box with enhanced-privacy mode

If the analysis above is green, then you are likely to be ok (see notice below). If you have warnings, then here are some of your options:

  • One option is to ask all visitors to your website for consent, but this is likely to scare away quite a few of your visitors.
  • You could find another method of serving your videos, perhaps from a different CDN as we discussed here.
  • Or you could use the the new YouTube privacy-enhanced Mode. To do this you will need find the YouTube video at youtube.com, get the embedded code after clicking share and make sure the Enable enhanced-privacy mode checkbox is clicked. You can now copy this code into your website.

Notice: This tool is provided free of charge and is for guidance only. Laws and technology may change over time so we cannot be responsible for the actual GPDR compliance of your website. You are welcome to contact us for further clarification.