SlideShare a Scribd company logo
1 of 39
Download to read offline
GDPR
Privacy Policy
The General Data Protection Regulation
(GDPR) took effect on May 25, 2018.
If the GDPR applies to you, you’ll need to
make sure your Privacy Policy is updated.
UPDATE
Who the GDPR
Applies to
The GDPR will apply to your business if you:
Offer products or services to EU citizens, or
Collect personal information from EU citizens
Note that it doesn’t matter where your business
is located/headquartered. If you meet either of
these criteria, the GDPR applies to you.
For example, a U.S.-based business that simply
collects email addresses from users in the EU
will fall under the scope of the GDPR.
@
What the GDPR
Requires
(1) Link to https://termsfeed.com/blog/gdpr-compliance-plan/#Requirements_for_GDPR_Data_Controllers
(2) Link to https://termsfeed.com/blog/gdpr-compliance-plan/#Requirements_for_GDPR_Data_Processors
(3) Link to https://termsfeed.com/blog/data-protection-officer-dpo/
The GDPR comes with a number of enhancements
to the current privacy law in the UK - the Data
Protection Directive.
New responsibilities (1) for Data Controllers
Data Processors (2) are now covered by the law
The new role of Data Protection Officer (3) has
been created
The main focus of the GDPR is the protection of
personal data and digital privacy.
Users must be provided with thorough information
about how their personal data is processed.
Here’s where your Privacy Policy comes in.
GDPR-Compliant
Privacy Policy
(4) Link to https://gdpr-info.eu/art-12-gdpr/
Article 12 of the GDPR (4) requires that
you communicate information about your
processing of personal data in a way
that’s:
Concise
Transparent
In clear and plain language
Intelligible
Easily accessible
Free of charge
Most Privacy Policies tend to be long and
dense, filled with legal jargon and less than
clear for most readers.
The GDPR is working to avoid this.
Update your Privacy Policy by:
Cutting out legalese
Simplifying overly technical information
Using short, clear sentences
Writing with your average user in mind
In addition to the standard required components
of your Privacy Policy (5), your GDPR-compliant
policy will need to disclose more information.
(5) Link to https://termsfeed.com/blog/gdpr-privacy-policy/#Have_a_Privacy_Policy
The following 6 concepts must be covered
somewhere in your Privacy Policy.
They can be separate, standalone clauses,
or integrated into other existing clauses.
Just make sure you have the information
somewhere in your Policy.
1. Who is your data controller?
The data controller is the party in charge of
deciding what personal data is collected.
Let users know if this is your business or if
someone else is responsible for making
this important decision.
In most cases, it will be your company.
Make sure your users have a way to
contact you.
This is a fast, easy and important
update to make to your Privacy Policy
if needed.
2. Your contact information and your
DPO’s contact information, if applicable
If you have a Data Protection Officer (DPO),
include contact information for this individual
as well.
(6) Link to https://www.vividfish.co.uk/blog/gdpr-8-rights-under-gdpr
3. The 8 rights of users under the GDPR
Inform users of these 8 rights (6).
They don’t have to be explicitly listed out in
your Privacy Policy, but each point should
be addressed somewhere within it.
The 8 rights of users:
Right to be informed
Right of access
Right of rectification
Right to erasure
Right to restrict data processing
Right to data portability
Right to object
Rights of automated decision-making
and profiling
Twitter includes a separate chapter in its Privacy Policy to
address some of these rights:
Let users know what purposes you
use collected data for, such as for
communication and billing.
4. Your purposes for collecting the data
Let users know if you transfer their
personal data to a different country.
Include a description and explanation
of suitable safeguards you have in
place for the transfer, and how users
can obtain a copy of them.
5. Do you transfer data internationally?
The GDPR provides 6 lawful bases (7).
You’ll likely satisfy this requirement in
your clause that covers what data you
collect and how you use it.
6. Your legal basis for processing data
(7) Link to https://gdpr-info.eu/art-6-gdpr/
For example, you collect email addresses for communication purposes,
financial information for payment purposes, place cookies to remember
passwords and user preferences, etc.
Getting Agreement and
Consent to your Privacy
Practices
Whenever you get consent, use
checkmark boxes or another active
method of clickwrap (8).
(8) Link to https://termsfeed.com/blog/examples-click-accept/
Have Privacy
Notices
Because the GDPR focuses on creating
transparency and understanding for users,
having Privacy Notices will help you be
GDPR-compliant.
A Privacy Notice is a short, concise notice that
helps users understand why you’re requesting
their personal data.
They should be available at the point where
you’re requesting to collect the data.
The GDPR requires your Privacy Policy to
be more informative.
However, it requires that you provide this
information in a simplified, clear way.
Review the language in your Privacy Policy and
drop the legalese. Make it be easy to understand
by your average user
Update your Privacy Policy with the additional
information required by the GDPR
Use clickwrap when getting agreement and
consent
Add Privacy Notices to help users understand
what they’re consenting to
To summarize:
GDPR Privacy Policy Update

More Related Content

What's hot

Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Happiest Minds Technologies
 
Top 10 GDPR Requirements
Top 10 GDPR RequirementsTop 10 GDPR Requirements
Top 10 GDPR RequirementsRusty Stanberry
 
Impact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingImpact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingPromptCloud
 
How to Collect and Process Data Under GDPR?
How to Collect and Process Data Under GDPR?How to Collect and Process Data Under GDPR?
How to Collect and Process Data Under GDPR?Piwik PRO
 
General Data Protection Regulation for Ops
General Data Protection Regulation for OpsGeneral Data Protection Regulation for Ops
General Data Protection Regulation for OpsKamil Rextin
 
Addressing analytics, data warehouse and Big Data challenges beyond database ...
Addressing analytics, data warehouse and Big Data challenges beyond database ...Addressing analytics, data warehouse and Big Data challenges beyond database ...
Addressing analytics, data warehouse and Big Data challenges beyond database ...Chris Doolittle
 
General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018Fraser Hay
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection RegulationPete S
 
SourceCloud GDPR statement march 2018
SourceCloud GDPR statement march 2018 SourceCloud GDPR statement march 2018
SourceCloud GDPR statement march 2018 Craig Burns
 
Mailstore advisory GDPR
Mailstore advisory GDPRMailstore advisory GDPR
Mailstore advisory GDPRBalázs Antók
 
GDPR Compliance Software | General Data Protection Regulation (GDPR) Dashboard
GDPR Compliance Software | General Data Protection Regulation (GDPR) DashboardGDPR Compliance Software | General Data Protection Regulation (GDPR) Dashboard
GDPR Compliance Software | General Data Protection Regulation (GDPR) DashboardCorporater
 
Satori GDPR Overview 2018
Satori GDPR Overview 2018Satori GDPR Overview 2018
Satori GDPR Overview 2018Dean Evans
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRImogenRutherford
 
"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQsTech Data
 

What's hot (20)

Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)
 
Top 10 GDPR Requirements
Top 10 GDPR RequirementsTop 10 GDPR Requirements
Top 10 GDPR Requirements
 
Impact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and ProcessingImpact of GDPR on Data Collection and Processing
Impact of GDPR on Data Collection and Processing
 
Gdpr zilla
Gdpr zillaGdpr zilla
Gdpr zilla
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
 
How to Collect and Process Data Under GDPR?
How to Collect and Process Data Under GDPR?How to Collect and Process Data Under GDPR?
How to Collect and Process Data Under GDPR?
 
General Data Protection Regulation for Ops
General Data Protection Regulation for OpsGeneral Data Protection Regulation for Ops
General Data Protection Regulation for Ops
 
Addressing analytics, data warehouse and Big Data challenges beyond database ...
Addressing analytics, data warehouse and Big Data challenges beyond database ...Addressing analytics, data warehouse and Big Data challenges beyond database ...
Addressing analytics, data warehouse and Big Data challenges beyond database ...
 
DPA and GDPR
DPA and GDPRDPA and GDPR
DPA and GDPR
 
General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018General data protection regulation gdpr audit 2018
General data protection regulation gdpr audit 2018
 
General Data Protection Regulation
General Data Protection RegulationGeneral Data Protection Regulation
General Data Protection Regulation
 
SourceCloud GDPR statement march 2018
SourceCloud GDPR statement march 2018 SourceCloud GDPR statement march 2018
SourceCloud GDPR statement march 2018
 
Mailstore advisory GDPR
Mailstore advisory GDPRMailstore advisory GDPR
Mailstore advisory GDPR
 
GDPR
GDPRGDPR
GDPR
 
GDPR Compliance Software | General Data Protection Regulation (GDPR) Dashboard
GDPR Compliance Software | General Data Protection Regulation (GDPR) DashboardGDPR Compliance Software | General Data Protection Regulation (GDPR) Dashboard
GDPR Compliance Software | General Data Protection Regulation (GDPR) Dashboard
 
GDPR Overview
GDPR OverviewGDPR Overview
GDPR Overview
 
Satori GDPR Overview 2018
Satori GDPR Overview 2018Satori GDPR Overview 2018
Satori GDPR Overview 2018
 
Data Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPRData Protection: Transitioning to the GDPR
Data Protection: Transitioning to the GDPR
 
"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs"If we're leaving the EU, does GDPR even matter?" And other FAQs
"If we're leaving the EU, does GDPR even matter?" And other FAQs
 
The Basics of GDPR
The Basics of GDPR The Basics of GDPR
The Basics of GDPR
 

Similar to GDPR Privacy Policy Update

GDPR Changing Mindset
GDPR Changing MindsetGDPR Changing Mindset
GDPR Changing MindsetNetworkIQ
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteSilverTech
 
ICO's Guide to Preparing for the GDPR
ICO's Guide to Preparing for the GDPRICO's Guide to Preparing for the GDPR
ICO's Guide to Preparing for the GDPRBenjamin Dibble
 
How will GDPR affect small businesses?
How will GDPR affect small businesses?How will GDPR affect small businesses?
How will GDPR affect small businesses?AllBusinessTemplates
 
What's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesWhat's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
 
A Brief Overview on GDPR
A Brief Overview on GDPRA Brief Overview on GDPR
A Brief Overview on GDPRNeha Patel
 
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)WBDC of Florida
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperServersys
 
Cognizant business consulting the impacts of gdpr
Cognizant business consulting   the impacts of gdprCognizant business consulting   the impacts of gdpr
Cognizant business consulting the impacts of gdpraudrey miguel
 
IAB Europe's GDPR Compliance Primer
IAB Europe's GDPR Compliance PrimerIAB Europe's GDPR Compliance Primer
IAB Europe's GDPR Compliance PrimerIAB Europe
 
GDPRIBMWhitePaper
GDPRIBMWhitePaperGDPRIBMWhitePaper
GDPRIBMWhitePaperJim Wilson
 
General data protection regulation
General data protection regulationGeneral data protection regulation
General data protection regulationFahad Ameen
 
Wolters Kluwer GDPR Webinar 9 May 2018
Wolters Kluwer GDPR Webinar 9 May 2018 Wolters Kluwer GDPR Webinar 9 May 2018
Wolters Kluwer GDPR Webinar 9 May 2018 Jonathan Chilton
 

Similar to GDPR Privacy Policy Update (20)

What is GDPR ? by M32
What is GDPR ? by M32What is GDPR ? by M32
What is GDPR ? by M32
 
GDPR Changing Mindset
GDPR Changing MindsetGDPR Changing Mindset
GDPR Changing Mindset
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your Website
 
GDPR Preparing for-the-gdpr-12-steps
GDPR Preparing for-the-gdpr-12-stepsGDPR Preparing for-the-gdpr-12-steps
GDPR Preparing for-the-gdpr-12-steps
 
ICO's Guide to Preparing for the GDPR
ICO's Guide to Preparing for the GDPRICO's Guide to Preparing for the GDPR
ICO's Guide to Preparing for the GDPR
 
How will GDPR affect small businesses?
How will GDPR affect small businesses?How will GDPR affect small businesses?
How will GDPR affect small businesses?
 
Are you GDPRed yet?
Are you GDPRed yet?Are you GDPRed yet?
Are you GDPRed yet?
 
What's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) ChangesWhat's Next - General Data Protection Regulation (GDPR) Changes
What's Next - General Data Protection Regulation (GDPR) Changes
 
GDPR Compliance
GDPR ComplianceGDPR Compliance
GDPR Compliance
 
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readinessGeneral Data Protection Regulation (GDPR) - Moving from confusion to readiness
General Data Protection Regulation (GDPR) - Moving from confusion to readiness
 
A Brief Overview on GDPR
A Brief Overview on GDPRA Brief Overview on GDPR
A Brief Overview on GDPR
 
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist Whitepaper
 
Cognizant business consulting the impacts of gdpr
Cognizant business consulting   the impacts of gdprCognizant business consulting   the impacts of gdpr
Cognizant business consulting the impacts of gdpr
 
IAB Europe's GDPR Compliance Primer
IAB Europe's GDPR Compliance PrimerIAB Europe's GDPR Compliance Primer
IAB Europe's GDPR Compliance Primer
 
GDPRIBMWhitePaper
GDPRIBMWhitePaperGDPRIBMWhitePaper
GDPRIBMWhitePaper
 
General data protection regulation
General data protection regulationGeneral data protection regulation
General data protection regulation
 
Sage CRM and GDPR Overview
Sage CRM and GDPR OverviewSage CRM and GDPR Overview
Sage CRM and GDPR Overview
 
GDPR - what you need to know
GDPR -  what you need to know GDPR -  what you need to know
GDPR - what you need to know
 
Wolters Kluwer GDPR Webinar 9 May 2018
Wolters Kluwer GDPR Webinar 9 May 2018 Wolters Kluwer GDPR Webinar 9 May 2018
Wolters Kluwer GDPR Webinar 9 May 2018
 

More from termsfeed

The CCPA vs CalOPPA
The CCPA vs CalOPPAThe CCPA vs CalOPPA
The CCPA vs CalOPPAtermsfeed
 
Privacy Policy if No Personal Data is Collected
Privacy Policy if No Personal Data is CollectedPrivacy Policy if No Personal Data is Collected
Privacy Policy if No Personal Data is Collectedtermsfeed
 
Don’t hide your Terms and Conditions
 Don’t hide your Terms and Conditions Don’t hide your Terms and Conditions
Don’t hide your Terms and Conditionstermsfeed
 
9 Privacy Clauses for a Landing Page
9 Privacy Clauses for a Landing Page9 Privacy Clauses for a Landing Page
9 Privacy Clauses for a Landing Pagetermsfeed
 
4 Ways to Notify Your Users About Cookies
4 Ways to Notify Your Users About Cookies4 Ways to Notify Your Users About Cookies
4 Ways to Notify Your Users About Cookiestermsfeed
 
EU Cookies Directive
EU Cookies DirectiveEU Cookies Directive
EU Cookies Directivetermsfeed
 
Privacy Policy FAQ
Privacy Policy FAQPrivacy Policy FAQ
Privacy Policy FAQtermsfeed
 
FTC Disclosures
FTC DisclosuresFTC Disclosures
FTC Disclosurestermsfeed
 
The Digital Millennium Copyright Act
The Digital Millennium Copyright ActThe Digital Millennium Copyright Act
The Digital Millennium Copyright Acttermsfeed
 
Disclosures for Affiliate Links
Disclosures for Affiliate LinksDisclosures for Affiliate Links
Disclosures for Affiliate Linkstermsfeed
 
Disclaimer Examples
Disclaimer ExamplesDisclaimer Examples
Disclaimer Examplestermsfeed
 
How to Comply with CAN-SPAM
How to Comply with CAN-SPAMHow to Comply with CAN-SPAM
How to Comply with CAN-SPAMtermsfeed
 
Privacy Policy for Flurry
Privacy Policy for FlurryPrivacy Policy for Flurry
Privacy Policy for Flurrytermsfeed
 
Termination Clause in Terms and Conditions
Termination Clause in Terms and ConditionsTermination Clause in Terms and Conditions
Termination Clause in Terms and Conditionstermsfeed
 
Click to Accept: A Method of Clickwrap
Click to Accept: A Method of ClickwrapClick to Accept: A Method of Clickwrap
Click to Accept: A Method of Clickwraptermsfeed
 
Privacy Policy for Wistia
Privacy Policy for WistiaPrivacy Policy for Wistia
Privacy Policy for Wistiatermsfeed
 
The "Your California Privacy Rights" clause
The "Your California Privacy Rights" clauseThe "Your California Privacy Rights" clause
The "Your California Privacy Rights" clausetermsfeed
 
Terms & Conditions Generator
Terms & Conditions GeneratorTerms & Conditions Generator
Terms & Conditions Generatortermsfeed
 
Terms & Conditions FAQ
Terms & Conditions FAQTerms & Conditions FAQ
Terms & Conditions FAQtermsfeed
 
Software License Agreements
Software License AgreementsSoftware License Agreements
Software License Agreementstermsfeed
 

More from termsfeed (20)

The CCPA vs CalOPPA
The CCPA vs CalOPPAThe CCPA vs CalOPPA
The CCPA vs CalOPPA
 
Privacy Policy if No Personal Data is Collected
Privacy Policy if No Personal Data is CollectedPrivacy Policy if No Personal Data is Collected
Privacy Policy if No Personal Data is Collected
 
Don’t hide your Terms and Conditions
 Don’t hide your Terms and Conditions Don’t hide your Terms and Conditions
Don’t hide your Terms and Conditions
 
9 Privacy Clauses for a Landing Page
9 Privacy Clauses for a Landing Page9 Privacy Clauses for a Landing Page
9 Privacy Clauses for a Landing Page
 
4 Ways to Notify Your Users About Cookies
4 Ways to Notify Your Users About Cookies4 Ways to Notify Your Users About Cookies
4 Ways to Notify Your Users About Cookies
 
EU Cookies Directive
EU Cookies DirectiveEU Cookies Directive
EU Cookies Directive
 
Privacy Policy FAQ
Privacy Policy FAQPrivacy Policy FAQ
Privacy Policy FAQ
 
FTC Disclosures
FTC DisclosuresFTC Disclosures
FTC Disclosures
 
The Digital Millennium Copyright Act
The Digital Millennium Copyright ActThe Digital Millennium Copyright Act
The Digital Millennium Copyright Act
 
Disclosures for Affiliate Links
Disclosures for Affiliate LinksDisclosures for Affiliate Links
Disclosures for Affiliate Links
 
Disclaimer Examples
Disclaimer ExamplesDisclaimer Examples
Disclaimer Examples
 
How to Comply with CAN-SPAM
How to Comply with CAN-SPAMHow to Comply with CAN-SPAM
How to Comply with CAN-SPAM
 
Privacy Policy for Flurry
Privacy Policy for FlurryPrivacy Policy for Flurry
Privacy Policy for Flurry
 
Termination Clause in Terms and Conditions
Termination Clause in Terms and ConditionsTermination Clause in Terms and Conditions
Termination Clause in Terms and Conditions
 
Click to Accept: A Method of Clickwrap
Click to Accept: A Method of ClickwrapClick to Accept: A Method of Clickwrap
Click to Accept: A Method of Clickwrap
 
Privacy Policy for Wistia
Privacy Policy for WistiaPrivacy Policy for Wistia
Privacy Policy for Wistia
 
The "Your California Privacy Rights" clause
The "Your California Privacy Rights" clauseThe "Your California Privacy Rights" clause
The "Your California Privacy Rights" clause
 
Terms & Conditions Generator
Terms & Conditions GeneratorTerms & Conditions Generator
Terms & Conditions Generator
 
Terms & Conditions FAQ
Terms & Conditions FAQTerms & Conditions FAQ
Terms & Conditions FAQ
 
Software License Agreements
Software License AgreementsSoftware License Agreements
Software License Agreements
 

Recently uploaded

citizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicablecitizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicableSaraSantiago44
 
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptxThe Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptxgurcharnsinghlecengl
 
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdfWurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdfssuser3e15612
 
Current Ethical Issues for Legal Professionals.ppt
Current Ethical Issues for Legal Professionals.pptCurrent Ethical Issues for Legal Professionals.ppt
Current Ethical Issues for Legal Professionals.pptVidyaAdsule1
 
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksUnderstanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksFinlaw Associates
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiBlayneRush1
 
Illinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideIllinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideillinoisworknet11
 
1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in Sales1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in SalesMelvinPernez2
 
THE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTS
THE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTSTHE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTS
THE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTSRoshniSingh312153
 
PPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training CenterPPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training Centerejlfernandez22
 
Guide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxGuide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxjennysansano2
 
Labour legislations in India and its history
Labour legislations in India and its historyLabour legislations in India and its history
Labour legislations in India and its historyprasannamurthy6
 
Hungarian legislation made by Robert Miklos
Hungarian legislation made by Robert MiklosHungarian legislation made by Robert Miklos
Hungarian legislation made by Robert Miklosbeduinpower135
 
Grey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptxGrey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptxBharatMunjal4
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsAbdul-Hakim Shabazz
 
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeBlayneRush1
 
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesAre There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesChesley Lawyer
 
Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.2020000445musaib
 
Attestation presentation under Transfer of property Act
Attestation presentation under Transfer of property ActAttestation presentation under Transfer of property Act
Attestation presentation under Transfer of property Act2020000445musaib
 
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxSarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxAnto Jebin
 

Recently uploaded (20)

citizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicablecitizenship in the Philippines as to the laws applicable
citizenship in the Philippines as to the laws applicable
 
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptxThe Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
The Punjab Land Reforms AcT 1972 HIRDEBIR.pptx
 
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdfWurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
Wurz Financial - Wealth Counsel to Law Firm Owners Services Guide.pdf
 
Current Ethical Issues for Legal Professionals.ppt
Current Ethical Issues for Legal Professionals.pptCurrent Ethical Issues for Legal Professionals.ppt
Current Ethical Issues for Legal Professionals.ppt
 
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal FrameworksUnderstanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
Understanding Cyber Crime Litigation: Key Concepts and Legal Frameworks
 
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogiAlexis O'Connell Arrest Records Houston Texas lexileeyogi
Alexis O'Connell Arrest Records Houston Texas lexileeyogi
 
Illinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guideIllinois Department Of Corrections reentry guide
Illinois Department Of Corrections reentry guide
 
1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in Sales1990-2004 Bar Questions and Answers in Sales
1990-2004 Bar Questions and Answers in Sales
 
THE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTS
THE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTSTHE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTS
THE INDIAN CONTRACT ACT 1872 NOTES FOR STUDENTS
 
PPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training CenterPPT Template - Federal Law Enforcement Training Center
PPT Template - Federal Law Enforcement Training Center
 
Guide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docxGuide for Drug Education and Vice Control.docx
Guide for Drug Education and Vice Control.docx
 
Labour legislations in India and its history
Labour legislations in India and its historyLabour legislations in India and its history
Labour legislations in India and its history
 
Hungarian legislation made by Robert Miklos
Hungarian legislation made by Robert MiklosHungarian legislation made by Robert Miklos
Hungarian legislation made by Robert Miklos
 
Grey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptxGrey Area of the Information Technology Act, 2000.pptx
Grey Area of the Information Technology Act, 2000.pptx
 
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 ShopsVanderburgh County Sheriff says he will Not Raid Delta 8 Shops
Vanderburgh County Sheriff says he will Not Raid Delta 8 Shops
 
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis LeeAlexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
Alexis O'Connell lexileeyogi Bond revocation for drug arrest Alexis Lee
 
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los AngelesAre There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
Are There Any Alternatives To Jail Time For Sex Crime Convictions in Los Angeles
 
Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.Analysis on Law of Domicile under Private International laws.
Analysis on Law of Domicile under Private International laws.
 
Attestation presentation under Transfer of property Act
Attestation presentation under Transfer of property ActAttestation presentation under Transfer of property Act
Attestation presentation under Transfer of property Act
 
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptxSarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
Sarvesh Raj IPS - A Journey of Dedication and Leadership.pptx
 

GDPR Privacy Policy Update

  • 2. The General Data Protection Regulation (GDPR) took effect on May 25, 2018. If the GDPR applies to you, you’ll need to make sure your Privacy Policy is updated. UPDATE
  • 4. The GDPR will apply to your business if you: Offer products or services to EU citizens, or Collect personal information from EU citizens
  • 5. Note that it doesn’t matter where your business is located/headquartered. If you meet either of these criteria, the GDPR applies to you.
  • 6. For example, a U.S.-based business that simply collects email addresses from users in the EU will fall under the scope of the GDPR. @
  • 8. (1) Link to https://termsfeed.com/blog/gdpr-compliance-plan/#Requirements_for_GDPR_Data_Controllers (2) Link to https://termsfeed.com/blog/gdpr-compliance-plan/#Requirements_for_GDPR_Data_Processors (3) Link to https://termsfeed.com/blog/data-protection-officer-dpo/ The GDPR comes with a number of enhancements to the current privacy law in the UK - the Data Protection Directive. New responsibilities (1) for Data Controllers Data Processors (2) are now covered by the law The new role of Data Protection Officer (3) has been created
  • 9. The main focus of the GDPR is the protection of personal data and digital privacy. Users must be provided with thorough information about how their personal data is processed. Here’s where your Privacy Policy comes in.
  • 11. (4) Link to https://gdpr-info.eu/art-12-gdpr/ Article 12 of the GDPR (4) requires that you communicate information about your processing of personal data in a way that’s: Concise Transparent In clear and plain language Intelligible Easily accessible Free of charge
  • 12. Most Privacy Policies tend to be long and dense, filled with legal jargon and less than clear for most readers. The GDPR is working to avoid this.
  • 13. Update your Privacy Policy by: Cutting out legalese Simplifying overly technical information Using short, clear sentences Writing with your average user in mind
  • 14. In addition to the standard required components of your Privacy Policy (5), your GDPR-compliant policy will need to disclose more information. (5) Link to https://termsfeed.com/blog/gdpr-privacy-policy/#Have_a_Privacy_Policy
  • 15. The following 6 concepts must be covered somewhere in your Privacy Policy. They can be separate, standalone clauses, or integrated into other existing clauses. Just make sure you have the information somewhere in your Policy.
  • 16. 1. Who is your data controller? The data controller is the party in charge of deciding what personal data is collected. Let users know if this is your business or if someone else is responsible for making this important decision. In most cases, it will be your company.
  • 17.
  • 18. Make sure your users have a way to contact you. This is a fast, easy and important update to make to your Privacy Policy if needed. 2. Your contact information and your DPO’s contact information, if applicable
  • 19.
  • 20. If you have a Data Protection Officer (DPO), include contact information for this individual as well.
  • 21. (6) Link to https://www.vividfish.co.uk/blog/gdpr-8-rights-under-gdpr 3. The 8 rights of users under the GDPR Inform users of these 8 rights (6). They don’t have to be explicitly listed out in your Privacy Policy, but each point should be addressed somewhere within it.
  • 22. The 8 rights of users: Right to be informed Right of access Right of rectification Right to erasure Right to restrict data processing Right to data portability Right to object Rights of automated decision-making and profiling
  • 23. Twitter includes a separate chapter in its Privacy Policy to address some of these rights:
  • 24. Let users know what purposes you use collected data for, such as for communication and billing. 4. Your purposes for collecting the data
  • 25.
  • 26. Let users know if you transfer their personal data to a different country. Include a description and explanation of suitable safeguards you have in place for the transfer, and how users can obtain a copy of them. 5. Do you transfer data internationally?
  • 27.
  • 28. The GDPR provides 6 lawful bases (7). You’ll likely satisfy this requirement in your clause that covers what data you collect and how you use it. 6. Your legal basis for processing data (7) Link to https://gdpr-info.eu/art-6-gdpr/
  • 29. For example, you collect email addresses for communication purposes, financial information for payment purposes, place cookies to remember passwords and user preferences, etc.
  • 30. Getting Agreement and Consent to your Privacy Practices
  • 31. Whenever you get consent, use checkmark boxes or another active method of clickwrap (8). (8) Link to https://termsfeed.com/blog/examples-click-accept/
  • 32.
  • 34. Because the GDPR focuses on creating transparency and understanding for users, having Privacy Notices will help you be GDPR-compliant.
  • 35. A Privacy Notice is a short, concise notice that helps users understand why you’re requesting their personal data. They should be available at the point where you’re requesting to collect the data.
  • 36.
  • 37. The GDPR requires your Privacy Policy to be more informative. However, it requires that you provide this information in a simplified, clear way.
  • 38. Review the language in your Privacy Policy and drop the legalese. Make it be easy to understand by your average user Update your Privacy Policy with the additional information required by the GDPR Use clickwrap when getting agreement and consent Add Privacy Notices to help users understand what they’re consenting to To summarize: