What Is the Digital Services Act (DSA)?
The Digital Services Act is a European regulation that governs online platforms, marketplaces, and search engines. The law was adopted in November 2022 and has been fully applicable since 17 February 2024 to all service providers within its scope.
The DSA has two main objectives. First, the EU wants to create a safer digital space in which users’ fundamental rights are protected. Second, the law aims to establish a level playing field for innovation and growth within the European digital market.
The strictest rules apply to so-called Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs). These are platforms with more than 45 million active users per month in the EU. Think of companies like TikTok, Meta, Google, and Amazon.
The DSA requires, among other things, transparency about content moderation, clear advertising labels, and measures against illegal content. Less stringent but still impactful obligations apply to smaller platforms.
Does Leadinfo Fall Under the DSA?
No, Leadinfo does not fall under the Digital Services Act. The reason is simple: Leadinfo is not an online platform, marketplace, or search engine within the meaning of the DSA.
Leadinfo is a B2B SaaS tool that helps companies see which organisations visit their website. We identify companies, not individuals. Our service is not an intermediary service that hosts or distributes content to end users.
The DSA obligations are therefore not directly applicable to Leadinfo or to most B2B software tools. We operate fully under existing privacy legislation, namely the GDPR.
How Leadinfo Stays Compliant: GDPR and Privacy-First
Although the DSA does not apply to us, we take privacy and compliance extremely seriously. Leadinfo is designed as a privacy-first platform with the following characteristics:
Cookieless and without fingerprinting. Leadinfo does not use cookies or device fingerprinting. Our technology works entirely on the basis of network metadata and IP mapping, without tracking individual visitors.
Business data only. We identify only companies, never individuals. This means we do not process personal data as defined in the GDPR.
EU-only hosting. All data is hosted in EU data centres, specifically in Ireland and Frankfurt. No data transfer takes place to countries outside the EU, making us fully Schrems II compliant.
ISO 27001:2022 certified. Our information security is audited annually by LRQA. This certificate confirms that we meet the highest international standards for data security.
The legal basis for our processing is Article 6(1)(f) of the GDPR: legitimate interest. Business data is not personal data, and our customers can use it to improve their marketing activities without violating privacy legislation.
Visit our privacy policy for full details on our legal basis.
What Does the DSA Mean for Your B2B Website?
Most B2B websites do not fall under the DSA obligations. The law primarily targets platforms that host or distribute content, marketplaces that offer products or services, and search engines.
A standard B2B company website is none of these things. Your website is a business card, not a platform where users post content or conduct transactions.
The DSA does become relevant if your company offers one of the following services:
- An online marketplace where third parties sell products
- A hosting service where users can upload content
- A platform that distributes user content to others
For regular B2B websites, the focus remains on GDPR compliance. Ensure you have a clear privacy policy, are transparent about cookies (if you use them), and request consent where necessary.
Tools like Leadinfo help you with this. Because Leadinfo works without cookies, you don’t need a cookie banner for our tracking. And because we only process business data, there is no conflict with privacy legislation.
DSA vs. GDPR: What’s the Difference?
The Digital Services Act and the General Data Protection Regulation (GDPR) are two different laws with different purposes.
The GDPR protects the personal data of individuals. The law regulates how organisations may collect, process, and store personal data. The GDPR applies to virtually every organisation that processes personal data.
The DSA regulates online platforms and their responsibility for content, transparency, and user safety. The law is specifically aimed at digital service providers that act as intermediaries between users and content or products.
Both laws complement each other within the European framework for digital regulation. For B2B tools like Leadinfo, however, the GDPR remains the primary compliance framework. The DSA adds no additional obligations.
What both laws have in common: the emphasis on transparency and user rights. Whether you fall under the DSA or only under the GDPR, clear communication about data practices is essential.
Key Takeaways
The DSA targets platforms, not tools. The Digital Services Act regulates online platforms, marketplaces, and search engines. B2B SaaS tools like Leadinfo do not fall under it.
Leadinfo is fully GDPR-compliant. We process only business data, no personal data. Our technology is 100% cookieless and without fingerprinting.
EU-only hosting and ISO 27001. All data stays within Europe, and our security is audited annually. This guarantees maximum security for your data.
Focus on compliance. Whether the DSA applies to your company or not, transparent data practices and privacy-first technology remain the standard.
More than 20,000 European companies trust Leadinfo for their website visitor identification.
Frequently Asked Questions
Does Leadinfo fall under the Digital Services Act?
No, Leadinfo is not an online platform within the meaning of the DSA. Leadinfo is a B2B tool for company identification and operates fully under the GDPR. We identify companies, not individuals.
Is Leadinfo GDPR-compliant?
Yes, Leadinfo is 100% GDPR-compliant. We process only business data, no personal data. Our technology is cookieless and we host exclusively within the EU.
What is the difference between the DSA and the GDPR?
The GDPR protects personal data, while the DSA regulates online platforms in terms of content and transparency. For B2B tools like Leadinfo, the GDPR remains the primary compliance framework.
Does my B2B website need to comply with the DSA?
Probably not. The DSA targets online platforms, marketplaces, and search engines. A regular B2B website typically does not fall under it. Focus on GDPR compliance and transparent data practices.
