Just a few weeks ago, I published an article on the subject here. Now there is apparently again a wave of warnings against websites that offer a contact form and do not encrypt the page, or at least the contact form, sufficiently.
The warnings are issued by IGD Interessengemeinschaft Datenschutz e.V. at the address “Straße der Jugend 18, 14974 Ludwigsfeld”. The association was founded only in February!
As already presented in my linked article, the issue as such, namely that a contact form must be SSL encrypted to ensure a transmission of data according to the current state of the art. You probably won’t win a pot of gold here.
Due to the nature of the matter, warning letters in the specific case, as with all warning letters, should not be paid hastily. The warning party should certainly not be contacted without an experienced colleague having assessed the warning. In the case of the ominous IGD, the question arises whether it is actively legitimized at all according to § 8 III No. 2 UWG. Whether the association, 14 days after the registration, namely a significant number of companies belong, and whether this meets other requirements, may be very doubtful here.
In other cases, however, the chances of defense will be lower, which is why it is important to ensure proper implementation, especially for online stores and similar sites.