How to create a perfect Privacy policy 

One of the most important documents in GDPR regulative, that your company needs to have a special focus on it is the Privacy policy. You must make sure your Privacy Policy is GDPR complaint, and provides all the info that is required. Here at GDPR Local we help you achieve this, and we share you the most important articles that you need to have at your Privacy policy.


KEY AREAS



Description


General Information:

Provide information for :

1.Controller’s contact details

2. Data Protection Officer’s contact details

3.EU/UK Representative’s contact details

Privacy Statement summary

Briefly provide summary of the most important information that you will put in the privacy policy.

Who will use my data?

What for?

What will happen if I contact you?

What data will be stored?

What data will be shared?

How long?

Who can access my data?

How is my data kept secure?

How do we get information

Provide info for :

1.Directly collected information

2.Indirectly collected information

3.Special category data and criminal conviction data

Rights of the data subject:

Inform the data subject for the rights they have:

Your right of access

Your right of rectification

Your right to erasure

Your right to restriction of processing

Your right to object to processing

Your right to data portability

Sharing your information:

Inform the data subject if you are sharing with other third parties, and if that is the case, provide info for the third parties.

How we store and process your data

Inform the data subject about the storage and processing the data.

Purpose and lawful basis for processing

Inform the data subject about the Purpose of collecting his data, and which are the lawful basis for processing the following . Detailed explanation of how you are using the data, and under which lawful basis.

Children Information

Provide an information if you are collecting information about children.

Cookies policy:

Provide information about your cookie policy, example of the cookies you are using, and tracking cookies data .

Retention period

Inform the data subject about the retention period of their data.

How do you keep the data secure

Detailed explanation about the process of keeping the subject’s data secured.

Obligations

Information about the obligation that you have as a data controller/processor

Make sure your privacy policy is up to date

 Provide a statement that says:
“We keep our privacy notice under regular review to make sure it is up to date and accurate”.

Legitimate interest

Provide an info for legitimate interest , if you have data sharing other third parties.

Contacting us, exercising your information rights and Complaints

Share info from your company info, and how can  the data subject contact you and complain.
 
Make a reference that says : If you remain dissatisfied, you can make a complaint about the way we process your personal information to the supervisory authority”.