Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Basic is a website builder platform that enables users to create and publish websites with minimal technical knowledge. It provides templated site creation, hosting, and basic analytics. As a hosted platform, GDPR obligations apply to the website owner as data controller and to Basic as processor for the hosting relationship.
Basic is a website builder platform enabling users to create and publish websites without coding. It provides templates, hosting, domain management, and basic analytics. As a hosted service, Basic processes website owner account data and visitor data for the websites built on it.
Website owners using Basic are data controllers for their visitors. Basic is the processor for hosting. Any forms, analytics, or tracking features on the Basic-built website require GDPR compliance from the website owner including a privacy policy, cookie notice, and consent management as appropriate.
Add a privacy policy to your Basic website. Sign a DPA with Basic if they process personal data on your behalf. Implement cookie consent for analytics and optional tracking. Ensure contact forms include appropriate privacy notices. Configure data retention for form submissions.
Websites using Basic must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is generally not required for standard website builder use cases. It may become relevant for sites collecting large volumes of personal data through forms or e-commerce.
Sample consent text
This website is built with Basic. Strictly necessary cookies are used for site functionality. Analytics cookies require your consent. See our privacy policy for full details.
Third-party domains contacted
www.basic.spaceapi.basic.spacecdn.basic.spaceCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| _basic_session | functionality | Session | Maintains the user session state for website builder authentication and editing. |
| _basic_analytics | analytics | 1 year | Tracks visitor interactions and page views on sites hosted by Basic for analytics reporting. |
| _basic_csrf | security | Session | Provides cross site request forgery protection for form submissions and account actions. |
| _basic_cookie_consent | functionality | 1 year | Stores the visitor cookie consent preference on Basic hosted websites. |
Basic is an essential service, but transparency matters. Manage all your consent with FlowConsent.
Basic is a lightweight JavaScript framework that does not set any cookies by default. As a client side library, it runs entirely in the browser without requiring server communication or persistent storage. However, applications built with Basic may implement their own cookie logic depending on the developer's choices.
Since Basic is a front end framework that does not set cookies or collect personal data on its own, prior consent is not required specifically for loading the library. However, if your Basic powered application sets cookies or processes personal data, you must obtain appropriate consent under GDPR and the ePrivacy Directive.
Loading the Basic framework itself can rely on legitimate interest as it is a technical tool necessary for website functionality. If your application built with Basic processes personal data or sets non essential cookies, you will need explicit consent as the legal basis under Article 6(1)(a) GDPR.
Basic as a framework does not transfer data to any server. If you load Basic from a CDN hosted outside the European Economic Area, this may constitute a data transfer. Consider self hosting the library or using an EU based CDN to avoid international transfer obligations.
A Data Protection Impact Assessment is generally not needed for the Basic framework itself since it does not process personal data. However, if your application built on Basic performs large scale profiling, processes sensitive data, or systematically monitors users, a DPIA would be required under Article 35 GDPR.
Ensure that any cookies or tracking set by your Basic application are declared in your cookie policy. Integrate a consent management platform that collects consent before activating non essential features. Audit all data flows within your application and document them in your processing records.
Basic is already a minimal framework with low privacy impact. Other lightweight alternatives with similar minimal footprints include Alpine.js, Stimulus, or vanilla JavaScript. The privacy impact depends more on the application logic you build rather than the framework itself.
List any cookies your Basic application sets, including their names, purposes, durations, and whether they are first party or third party. If Basic itself does not create cookies, you do not need to mention it specifically but should document any data processing your application performs.