GDPR is all about Privacy, so it makes sense that a Privacy Policy is of the highest importance, so essential is it that it is actually required to be accessible from every page on your website.
Along with your other policies the best place to link to this policy is on the footer section of each page, it keeps it out of the way of your marketing message but clearly fulfils the required criteria of having it easily accessible.
Countdown To GDPR Compliance
What Should Be in Your Privacy Policy
Article 13 of the GDPR is very prescriptive on the information that must be provided to the data subject at the time their personal data is collected. It states that the privacy policy should include the following information:
- the identity and the contact details of the controller
- the contact details of the data protection officer
- the purposes and legal basis for the processing
- where the processing is based on legitimate interests, details of what these are
- the recipients or categories of recipients of the personal data
- details of any transfer to a third country and details of the safeguards and the means by which to obtain a copy of them or where they have been made available
- the retention periods or the criteria used to determine that period
- details on rights of access to and rectification/deletion of personal data. Rights to object to processing and the right to data portability
- if processing is based on consent, the right to withdraw consent
- the right to lodge a complaint with the supervisory authority
- details on whether the data subject is obliged to provide the personal data and the consequences of failure to provide it
- details of any automated decision making, including details of the logic used and potential consequences for the individual
As well as this Article 12 also outlines that information must be displayed in “a concise, transparent, intelligible and easily accessible form, using clear and plain language, in particular for any information addressed specifically to a child”. This not only affects the language which can be used, (no more legalese or technical jargon), it also affects the format of how the information is displayed.
In the past Privacy Policies could go on for pages and pages, the appearance of this in itself was off putting with the result that not too many people would read them in their entirety. There are varying methods of displaying a lot of information in a concise way, the one I favour most is the accordion method, an example of which you can find in my own Privacy Policy set up.
As the information that is contained with your Privacy Policy needs to be “easily visible, intelligible and clearly legible….and meaningful overview of the intended processing”. (Article 12 (7) ) It is no longer acceptable to just use widely available templates for your policy. Each policy needs to be individualised to reflect the uniqueness of each businesses specific set up in relation to how data is collected, used, stored etc.
While there is no doubt that GDPR is going to be somewhat of a headache for SME’s the overall principal behind it, the rights and protection of peoples personal data, is sound and is very much a good thing in general. If approached in the right way creating your Privacy Policy can become a very useful tool for you and your business. By starting off on the right foot now it can assist you in setting up better administrative structures, creating more streamline methods of collecting and using data, as well as eliminating old stockpiles of non -essential, non-relevant files.
You can find more information on GDPR by downloading the Rights of Individuals under the General Data Protection Regulation from the Irish Data Protection Commissioners website.
This has been the second of my Five Blog posts on actions you can take to at least show that a determined effort has been made to make your website GDPR compliant. As I publish the next three I will make them available below, so be sure to keep checking back to see them, or better still get links to them sent directly to your inbox by signing up to my mailing list.
If you have found this post useful and informative please free to share it with others so that they may get the benefit of it also. If you would like help to put your website on the path to GDPR compliance then please do not hesitate to get in touch, I would be more than happy to help you out.
- What GDPR Means For Website Owners
- The Importance Of A Terms Of Use Policy For Your Website
- GDPR The Necessity of Adding a Privacy Policy to Your Website
- GDPR What Are Cookies and Why Do I need a Cookie Notice On My Website
- Cookie Control – The Right to Choose
- Add A Consent Tick Box to Your Data Gathering Forms For GDPR Compliance
BOOK A FREE NO OBLIGATION CONSULTATION
Have a new business idea or want to totally revamp your website into something that better suits your business?
I am here to help!
I offer a once off free no obligation consultation where we will take a deep dive into your current website, discuss how it is, and more importantly, how it is not performing for you and come up with a solution that better suits your needs.
Fill out the form and I will get back to with ASAP.
CREATE108 WEBSITE DESIGN SERVICES
Web Design Services
- eCommerce Development
- Brochure Website Development
- Catalogue Website Development
- Fully Device Responsive Design
- SEO Set Up
- 12 Months Free Hosting
- 12 Months Free Site Maintenance
- GDRP Compliance Including Free Professionally Written GDPR Privacy Policy (READ MORE)
- Image Optimisation
- Brand Design/ Brand Continuity Adherence
Serving your needs
- Jargon Free Professional Website Design
- Free Consultation & Development Plan (BOOK NOW)
- One to One Service (No Middle Men)
- Content Checking
- Ongoing Consultation Throughout The Project
- Pre-Launch Support
- Post Launch Support
- Search Engine Registration (Google & Bing)
- Google Analytics Set Up
- LEO Online Trading Voucher Support and Guidance (LEARN MORE)
"When you work with me you work only with me, I don't outsource my websites and don't use third party middle men. All my clients get my dedicated attention through every stage of the design process and beyond."
Keith Byrne - Create108.ie
Learn More