Complianz Privacy Suite

What is a Privacy Statement?

Dr. Mathieu Paapst LLM cipm

Dr. Mathieu Paapst LLM cipm

Assistant Professor IT and Privacy Law at the University of Groningen (RUG), and Complianz Partner

Most Popular

What is UK – GDPR?

The Data Protection Act The Data Protection Act 2018 controls how your personal information is used by organisations,

Read More »

What is the CCPA?

The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information

Read More »

Related articles

About Placeholders

This is an overview of articles concerning placeholders. Complianz can add placeholders for services like social

Read More »
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

With Complianz Privacy Suite you can generate several legal documents, like a cookie policy, disclaimer, data processing agreement, and a privacy statement. We will discuss the latter in this article. When do you need it and what do you need to include in this privacy statement?

What is a privacy statement?

A privacy statement is a document in which you inform your website visitors about the way your website and organization deals with personal data. Among other things, it informs the website visitor about which data is being collected and for which purposes.

When do you need a privacy statement?

Most websites and webshops are obliged to put a privacy statement on their site because of the collection of personal data in one way or another. It does not matter whether your contact form is filled in 100 times a month or only once a year. When a website or webshop collects personal data, it is mandatory to put a privacy statement in place on the website or webshop.

Also when you’re indirectly gathering personal data, for example via cookies or social share buttons, you have to specify details of these in your privacy statement.

Examples of personal data

  • Name
  • Date of birth
  • Gender
  • Home address
  • Email address
  • Phone number
  • IP address

Contents of a privacy statement

There are several aspects that are mandatory for a privacy statement. Other than the ways and means of gathering personal data, you may need to include:

  • The purpose and legal basis of the processing. If the organization is claiming a legitimate interest, what interest is at stake
  • The identity of the person who is responsible
  • The (categories of) recipients of the personal data. Whether you intend to disclose personal data outside the EU or to an international organization and on what legal grounds
  • Security level
  • Contact details of the contact person or a Data Protection Officer.
  • The retention period of the data
  • Whether automated decision-making is used, including profiling, and how these decisions are made
  • The data subject’s rights, such as the right of access, rectification, and erasure

In Complianz it is possible to generate a privacy statement based on the privacy laws of the region where you are located and/or the region(s) you are targeting with your website.

Subscribe