What's a Privacy Policy?

A Privacy policy is an official document in which you need to sum up the goals and commitments you've settled in terms of privacy and data protection regarding your clients', employees' or customers' personal data. This document is to be published on your website and tool for everyone to see and read, your data subjects, third parties as well as supervisory authorities.

Articles 13 and 14 of the GDPR oblige controllers to give transparent information to data subjects relating to the processing activity and how to exercise their rights. 

If this obligation relies on controllers towards data subjects, processors have to make available to the controller all information necessary to demonstrate compliance with the obligations laid down in Article 28.

When writing a “website privacy policy”, you’re addressing data subjects about how you’re processing personal data on your website for commercial and marketing purposes.

When writing a “cloud privacy policy”, you’re addressing controllers and data subjects about how you’re processing personal data through your SaaS tool.

It must at least contain: your identity, contact details of the DPO, purposes and legal basis of the processing activities, the categories of recipients, intended transfers to a third country and legal safeguards on which they are based, data retention period, data subjects’ rights, and the existence of automated decision-making.

Definition

What's a personal data?

A personal data is any information that identifies or can be used to identify an individual directly or indirectly. Examples of personal data include, but are not limited to: first and last name, date of birth, email address, postal address, gender, occupation, photography, or other demographic information.
Definition

What's a data breach notification

A personal data breach is a breach of security resulting in the destruction, loss, alteration or unauthorized disclosure of personal data.According to Article 33 of the GDPR, as a processor, you must notify controllers of any personal data breach as soon as possible after becoming aware of it and offer your assistance to assess the impacts on data subjects’ lives.
Definition

What's a EU Representative?

Under the GDPR, an EU representative is a person or organization that is based in the EU and is designated by a non-EU based organization to serve as a point of contact for individuals whose data is being processed, and for the relevant supervisory authority.

Become GDPR compliant in minutes!

Privacyboard helps you comply with GDPR easily so you can focus on what's really important for your business.
Start for free
Privacyboard

Product

PricingAbout

Ressources

BlogSubprocessorsKnowledge CenterGlossarySupervisory AuthoritiesEmail Templates

Legal

Privacy PolicyCookie PolicySubprocessorsRight RequestsTerms
Made in  🇪🇺  with  ☕️