How to create a perfect Privacy policy
One of the most important documents in GDPR regulative, that your company needs to have a special focus on it is the Privacy policy. You must make sure your Privacy Policy is GDPR complaint, and provides all the info that is required. Here at GDPR Local we help you achieve this, and we share you the most important articles that you need to have at your Privacy policy.
KEY AREAS | Description |
General Information: | Provide information for : 1.Controller’s contact details 2. Data Protection Officer’s contact details 3.EU/UK Representative’s contact details |
Privacy Statement summary | Briefly provide summary of the most important information that you will put in the privacy policy. Who will use my data? What for? What will happen if I contact you? What data will be stored? What data will be shared? How long? Who can access my data? How is my data kept secure? |
How do we get information: | Provide info for : 1.Directly collected information 2.Indirectly collected information 3.Special category data and criminal conviction data |
Rights of the data subject: | Inform the data subject for the rights they have: Your right of access Your right of rectification Your right to erasure Your right to restriction of processing Your right to object to processing Your right to data portability |
Sharing your information: | Inform the data subject if you are sharing with other third parties, and if that is the case, provide info for the third parties. |
How we store and process your data | Inform the data subject about the storage and processing the data. |
Purpose and lawful basis for processing | Inform the data subject about the Purpose of collecting his data, and which are the lawful basis for processing the following . Detailed explanation of how you are using the data, and under which lawful basis. |
Children Information | Provide an information if you are collecting information about children. |
Cookies policy: | Provide information about your cookie policy, example of the cookies you are using, and tracking cookies data . |
Retention period | Inform the data subject about the retention period of their data. |
How do you keep the data secure | Detailed explanation about the process of keeping the subject’s data secured. |
Obligations | Information about the obligation that you have as a data controller/processor |
Make sure your privacy policy is up to date | Provide a statement that says: “We keep our privacy notice under regular review to make sure it is up to date and accurate”. |
Legitimate interest | Provide an info for legitimate interest , if you have data sharing other third parties. |
Contacting us, exercising your information rights and Complaints | Share info from your company info, and how can the data subject contact you and complain. Make a reference that says : If you remain dissatisfied, you can make a complaint about the way we process your personal information to the supervisory authority”. |
Contact Us
Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.
Recent blogs
Appointment of a DPO in Singapore: What You Need to Know Before 30th September
If your business handles personal data in Singapore, it’s important to be aware of a key deadline
Enterprise Data Protection: Securing Large-Scale Information Assets
Cyber threats and regulatory pressures have made it necessary for businesses around the world to sa
Continuous Data Protection: Ensuring Real-Time Information Security
Continuous data protection (CDP) has emerged as a crucial strategy in safeguarding data assets agai