Privacy policy
A website privacy policy sets out the purpose of data collection on a website, the types of information collected and the scope and limitation of data processing on the website.
In the United Kingdom, a new domestic data privacy law called the UK-GDPR took effect on January 31, 2020, and alongside the Data Protection Act of 2018 and the PECR -govern all processing of personal data from individuals located inside the United Kingdom. The UK-GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority. The GDPR ushered in a number of changes to data protection, including new requirements for organisations to deal with,
What Should a GDPR Compliant Privacy Policy Include?
Important information about the website owner, including company name and contact details.
- Which personal data the website may collect about its users
- How the users’ data is collected
- Disclosures of the users’ data
- International transfers of data
- Data security measures in place
- Data retention
- The users’ legal rights
Why Is It Important to Create a GDPR Complaint Website Privacy Policy?
A recent survey by the Global Privacy Enforcement Network (GPEN) examined over 1,200 mobile apps by 26 privacy regulations and found that a shocking 85% of the apps surveyed had failed to clearly explain how they were collecting, using and disclosing personal information. Those who violate the privacy policy standards introduced by the GDPR will face heavy fines of up to £17.5 million or 4% of annual revenues, whichever is higher.