4 min read

Writen by Zlatko Delev

Posted on: March 12, 2021

How to create a perfect Privacy policy 

One of the most important documents in GDPR regulative, that your company needs to have a special focus on it is the Privacy policy. You must make sure your Privacy Policy is GDPR complaint, and provides all the info that is required. Here at GDPR Local we help you achieve this, and we share you the most important articles that you need to have at your Privacy policy.



General Information:

Provide information for :

1.Controller’s contact details

2. Data Protection Officer’s contact details

3.EU/UK Representative’s contact details

Privacy Statement summary

Briefly provide summary of the most important information that you will put in the privacy policy.

Who will use my data?

What for?

What will happen if I contact you?

What data will be stored?

What data will be shared?

How long?

Who can access my data?

How is my data kept secure?

How do we get information

Provide info for :

1.Directly collected information

2.Indirectly collected information

3.Special category data and criminal conviction data

Rights of the data subject:

Inform the data subject for the rights they have:

Your right of access

Your right of rectification

Your right to erasure

Your right to restriction of processing

Your right to object to processing

Your right to data portability

Sharing your information:

Inform the data subject if you are sharing with other third parties, and if that is the case, provide info for the third parties.

How we store and process your data

Inform the data subject about the storage and processing the data.

Purpose and lawful basis for processing

Inform the data subject about the Purpose of collecting his data, and which are the lawful basis for processing the following . Detailed explanation of how you are using the data, and under which lawful basis.

Children Information

Provide an information if you are collecting information about children.

Cookies policy:

Provide information about your cookie policy, example of the cookies you are using, and tracking cookies data .

Retention period

Inform the data subject about the retention period of their data.

How do you keep the data secure

Detailed explanation about the process of keeping the subject’s data secured.


Information about the obligation that you have as a data controller/processor

Make sure your privacy policy is up to date

 Provide a statement that says:
“We keep our privacy notice under regular review to make sure it is up to date and accurate”.

Legitimate interest

Provide an info for legitimate interest , if you have data sharing other third parties.

Contacting us, exercising your information rights and Complaints

Share info from your company info, and how can  the data subject contact you and complain.
Make a reference that says : If you remain dissatisfied, you can make a complaint about the way we process your personal information to the supervisory authority”.

Recent blogs

Most common types of GDPR violations

As GDPR effect is growing day by day and a lot of companies are affected, we would like to present

ICO published the next chapter of the Anonymisation guidance draft : Anonymisation, pseudonymisation and privacy enhancing technologies guidance

How to ensure anonymisation is effective? The ICO is calling for views on its updated draft gui

When can we refuse to comply with a SAR (Subject Access request) ?

A lot of companies are receiving SAR's almost every day. Not all of the SAR's are relevant and a lo

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.


Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.