GDPR – Privacy Notice
Being transparent about how you process data
Being transparent and providing accessible information to individuals about how you will use their personal data is a key element of the new GDPR. The most common way to comply is in a privacy notice. The GDPR says that the information you provide to people about how you process their personal data must be:
- concise, transparent, intelligible and easily accessible
- written in clear and plain language, particularly if addressed to a child, and
- free of charge.
These requirements are about ensuring that privacy information is clear and understandable for data subjects. The explicit emphasis on adapting privacy notices for children goes beyond what is currently required by the Data Protection Act. Data controllers processing children’s data will need to take account of the level of comprehension of the age groups involved and tailor their notices accordingly.
We don’t offer template privacy notices. Not only would that be difficult for us to do given the range of experts we deal with, but we feel it is better for the expert to take a couple of hours out to read and understand the ICO’s guidance on privacy notices and then to write a short, clear and bespoke notice for their forensic work.