With Complianz Privacy Suite, you can generate several legal documents, like a cookie policy, disclaimer, data processing agreement, for Germany a “Impressum” and “datenschutzerklärung”, for California a “DNSMPI” page,
and privacy statements based on your own region. We will discuss the latter in this article. When do you need it, and what do you need to include in this privacy statement?
What is a privacy statement?
A privacy statement is a document in which you inform your website visitors about how your website and organization deals with personal data. Among other things, it informs the website visitor about which data is being collected and its purposes.
When do you need a privacy statement?
Most websites and webshops are obliged to put a privacy statement on their site because of collecting personal data in one way or another. It does not matter whether your contact form is filled 100 times a month or only once a year. When a website or webshop collects personal data, it is mandatory to put a privacy statement on the website or webshop.
When you’re indirectly gathering personal data, for example, via cookies or social share buttons, you have to specify details of these in your privacy statement.
Examples of personal data
- Name
- Date of birth
- Gender
- Home address
- Email address
- Phone number
- IP address
Contents of a privacy statement
Several aspects are mandatory for a privacy statement. Other than the ways and means of gathering personal data, you may need to include:
- The purpose and legal basis of the processing. If the organization is claiming a legitimate interest, what interest is at stake
- The identity of the person who is responsible
- The (categories of) recipients of the personal data. Whether you intend to disclose personal data outside the EU or to an international organization and on what legal grounds
- Security level
- Contact details of the contact person or a Data Protection Officer.
- The retention period of the data
- Whether automated decision-making is used, including profiling, and how these decisions are made
- The data subject’s rights, such as the right of access, rectification, and erasure
In Complianz Premium, it is possible to generate a privacy statement based on the region’s privacy laws where you are located and/or the region(s) you are targeting with your website.
