GDPR Compliance Pipeline

In January, I mentioned that the European Union offers a free GDPR compliance checker. As an business analyst , I analyze how business process automation can streamline compliance requirements analysis.

Small and medium-sized businesses can benefit greatly from using their websites as digital business cards. For example, I enjoy receiving feedback and knowing that people appreciate my posts. Actively tracking website visitors is too time-consuming for me. There are other marketing activities that are more target-oriented.

When the EU introduced laws about cookie banners, I found it daunting to comply. However, I realized it was a chance to rethink my marketing strategies and ensure user privacy. This shift empowered me to understand that I do not have to track every visitor to be successful. This realization has inspired me, and I can do the same for you.

Hugo does not create cookies by default. I will ensure that future updates only create cookies with my permission. Web design is not my main focus. As a hands-on architect, I need to stay updated on the latest techniques. Even open-source software can change key quality features over time, so I will verify cookie compliance after each deployment.

GitHub Actions Job

Since I only write a limited number of posts or articles per quarter, I do not have to consider the execution times.

The GitHub action includes:

• Installing the latest version of the Website Evidence Collector.
• Running the tool.
• Storing the result on GitHub for ten days.
• Terminate the job if one or more cookies are discovered. The GitHub platform automatically triggers error notifications.

GitHub Job collect-evidence

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

  collect-evidence:
    runs-on: ubuntu-latest
    needs: deploy.....

    steps:
      - name: Install jq
        run: |
          sudo apt-get install jq
          sudo wget https://github.com/mikefarah/yq/releases/download/v4.6.1/yq_linux_amd64 -O /usr/bin/yq && sudo chmod +x /usr/bin/yq

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
            node-version: '18'

      - name: Install Cypress
        run: npm install cypress

      - name: Install Website Evidence Collector
        run: npm install --global https://github.com/EU-EDPS/website-evidence-collector/tarball/latest

      - name: Collect evidence from websites
        id: collect-eifel42
        run: |
          website-evidence-collector -y -q --no-output https://www.eifel42.dev/ > eifel42.yaml
          yq e -j eifel42.yaml > eifel42.json
  
      - name: Upload evidence
        uses: actions/upload-artifact@v4.3.3
        with:
          name: evidence
          path:  |
            eifel42.yaml 
        
      - name: Check cookies eifel42
        run: |
            isEmpty=$(jq '.cookies | length == 0' eifel42.json)
            if [ "$isEmpty" = "true" ]; then
              echo "Cookies array is empty"
            else
              echo "Cookies array is not empty"
              exit -1
            fi

Links

• Example of website-evidence-collector output

See also

• Key Insights from the Microsoft AI Tour 2025
• Lighthouse Score 100
• EU Website Evidence Collector moves to code.europa.eu
• Data in Motion Day 2024
• Agile Increment