Stylish lock.

Art of WiFi Captive Portal for UniFi networks, now offers a GDPR Self-Service dashboard

Why we implemented this feature

Our captive portal software for UniFi networks already provided the following controls, which are required to achieve GDPR compliance:

  • request guest users to explicitly accept your Terms of Service

  • request guest users to explicitly accept your Privacy Notice or Statement

  • offer the guest user the ability to opt-in for specific usage of their personal information, for example for sending them special offers

  • offer the guest user the ability to connect to the guest WiFi network without sharing personal information, but with lower bandwidth limits than for guest users that did register

GDPR also requires you to offer guest users the following capabilities with regard to their personal information that has been collected through the captive portal:

  • view their personal information

  • correct their personal information

  • export their personal information

  • delete their personal information

Until now, dealing with such requests and authenticating guest users has required considerable employee time and effort and introduced unpredictable costs.

In order to address these compliance-related issues in an efficient manner, we have implemented a self-service portal where guest users are provided these capabilities, giving them direct control over their personal information while also saving costs.

Important note: When a guest user deletes their full profile, their device is automatically disconnected from the network.

What does it look like for the end-user

Here are several screenshots of the GDPR Self-Service Portal when viewed on an iPhone 6:

GDPR: update my personal details. GDPR: my profile page on iPhone. GDPR: see my personal details. GDPR: download my personal details.

Personal information according to the GDPR regulations

Within the context of GDPR, personal information is any information relating to a person, directly or indirectly, which, in the case of our captive portal, can be any of the following:

  • first name

  • last name

  • postal code

  • phone number

  • email address

  • device MAC address

  • session information as collected by the UniFi controller

Even an IP address is regarded as personal information (…) but since local IP addresses are typically not persistent in guest network environments, we don’t display them in the Self-Service portal.

More background on GDPR

GDPR (‘General Data Protection Regulation’) also known as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, regulates the processing by an individual, a company, or an organization of personal data relating to individuals in the EU.

Simply put, if a company operates a WiFi network that can be accessed by EU citizens, they must comply with the GDPR regulations, irrespective of where they are located.

The official EU site for the GDPR is located here.

The full GDPR publications in different languages can be obtained here.


If you have any questions regarding our captive portal software for UniFi, feel free to contact us.

Posted on: October 7th, 2019

On: Captive Portals

captive portal

guest portal



Share this on social media