7 posts tagged with "General Data Protection Regulation"

No. A checkbox is not necessary. The 'Submit' button is enough.

If you are clear about the fact that the contact form is a contact form, then the action of clicking the "Submit" button already means that they are consenting to the processing of the data.

However, it is necessary to include a text next to the form, such as:

We will process your data to contact you and inform you about our products and services. You can revoke consent, exercise your rights of access, rectification, opposition, limitation of treatment, portability, and deletion by writing to us at [email address]. More information in the Privacy Policy of our Legal Hub.

No. No, you can't.

You can only send unsolicited communications if you have a prior sales relationship with the person.

It's true that the regulation on this matter is not as straightforward as other GDPR matters, but a proper reading of the European law clarifies that you cannot email a person without their consent.

Also, it is worth noting that the UK GDPR may differ from the EU GDPR in this matter.

Yes. Absolutely. Using pre-defined templates is a lifesaver, although they should be used with attention to detail. Using predefined templates for GDPR compliance documents can help organizations in several ways. If you want to know more, keep reading.

4 reasons to use pre-defined GDPR templates​

Some of the main reasons to use templates include:

1. Ensure compliance​

GDPR compliance documents must be accurate and complete in order to be effective. Using predefined templates can help organizations ensure that their documents are compliant with European privacy rules. This can reduce the risk of non-compliance and the potential for fines and penalties.

One of the key principles of the GDPR is that the processing of personal data must be lawful. In other words, there must be a legal basis for any processing activity that is carried out. The GDPR sets out six grounds on which the processing of personal data is considered to be lawful: consent, contract, legal obligation, vital interests, public interest, or official authority.

In most cases, more than one of these grounds will apply. For example, processing may be necessary for the performance of a contract, but it may also be carried out with the data subject's consent.

How to Create a Privacy Policy​

The privacy policy is a document that explains how you collect, use, and protect the personal information of your website's users in compliance with the General Data Protection Regulation. You are required to have a privacy policy if you collect personal information from your website's visitors.

Creating a privacy document for your users can be a daunting task, but it doesn't have to be. In this blog post, we will give you all the information you need to create a privacy policy that is compliant with the GDPR and that will put your website's users at ease.

Four steps to succeed at your GDPR audit​

1. Review your company's GDPR compliance documentation​

Before the audit, you should review your company's GDPR compliance documentation to ensure that it is up-to-date and covers all relevant aspects of GDPR. This might involve reviewing your company's privacy policies, consent processes, data protection impact assessments, and other GDPR-related documents.

If you don't have GDPR procedures and policies in place, hurry up and try out GDPR.direct templates – these policies will cover everything you need both internally and externally.

When collecting personal data under GDPR, organizations must be able to clearly explain their purpose for collecting the data, because personal data must only be used for the purpose for which it was collected. There may be some exceptions, but only if the new purposes are compatible with the original purpose.