Our videos have over 5 million views on Youtube! Visit our channel now »
The listings featured on this site are from companies from which this site receives compensation. Read the Advertising Disclosure for more information
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.


vpnMentor is owned by Kape Technologies PLC, which owns the following products: ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

Affiliate Commissions Advertising

vpnMentor contains reviews that were written by our experts and follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will be based on an independent, honest and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, which will however not affect the review but might affect the rankings. The latter are determined on the basis of customer satisfaction of previous sales and compensation received.

Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may take into consideration the affiliate commissions we earn for purchases through links on our website.

Report: Only 34% of Websites in the EU are Ready for GDPR

It’s been nearly 2 years since the Council of the European Union, European Parliament and the European Union passed the privacy legislation known as the General Data Protection Regulation (GDPR).

Beginning on May 25th, 2018 any company that hasn’t updated their privacy policy during the two-year grace period will be in violation of the law and could face fines as much 4% of the company’s global revenue or €20 million, whichever is higher.

The new privacy policy must be transparent and tell the users what will happen with the data that is collected. It should be concise and written clearly, let the user know whether their data will be shared with a 3rd party or used for marketing purposes, explain the use of cookies and their purpose, and clearly state the rights of the individual visiting the site.

vpnMentor ran a test of over 2,500 websites in the EU that will need to follow the new GDPR regulations and found that as little as 34% of websites are currently compliant. Most of the websites we checked either had old privacy policies, and in some cases no privacy policy at all, and are in no way ready for the stricter privacy guidelines that take effect next month. Those that fail to meet these new standards, will be subject to the fines mentioned above.

infographic on GDPR compliance

Our Methodology

We targeted websites that use the popular MailChimp service.

MailChimp is an E-mail marketing platform that collects users Email addresses in order to send out newsletters, company updates, and general marketing materials.

Any website that uses MailChimp or a similar service to collect emails will have to store this data and therefore need a privacy policy that fits in with the GDPR regulations.

We collected up to 100 websites in each country that use MailChimp. In some cases, we couldn’t find 100 and used what we could, and the results were pretty surprising.

While some countries like Germany seem to be more prepared for the May 25th deadline with a compliance of 67%, others such as Portugal are ill-prepared  only 17% of the websites we checked had a complete GDPR approved privacy policy.

Does the Data Correlate with Sites that are Compliant with the EU Cookie Law?

During the course of our research, we also investigated whether these sites were in compliance with the EU internet cookie regulations that were recently passed into law. The cookie pop-up notifications, or “cookie-pops,” require a pop-up window to appear on any site using cookies to collect information on the websites' users.

Once again, we were surprised as there seemed to be no correlation between the sites that use the cookie-pops and the sites that are GDPR compliant. Germany a country that topped our list on GDPR compliance  was at the bottom of the cookie-pops test with just 16% of website employing this privacy feature.

Our hypothesis was that there would be some kind of correlation in the data between these two studies. Had web owners just used a third party code and inserted it into their website, we’d understand that both GDPR and cookie-pops would be similar.

However, since there is little correlation between sites that have the cookie-pops and privacy policy, this shows that business owners are not just copying and pasting a code or text into the site to comply with the regulation, rather they actually carefully look into it and make the necessary updates (this is good news).

For some sites, there may be a good reason for not having the cookie-pops enabled on their site, such as they don’t collect cookies. Interestingly in Slovenia, which had the highest percentage of cookie-pops enabled 64%, only 40% of the sites were GDPR compliant, meaning that at least 60% of the Slovenian sites will be in violation of the new regulation.

If your website isn’t GDPR compliant yet, you can go here and copy/paste the GDPR policy into your website to avoid any legal issue you may otherwise encounter.

About the Author

Kristina is an experienced tech writer and researcher with a keen interest in cybersecurity for businesses and the general public.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback
Comment Comment must be from 5 to 2500 characters long.