According to the GDPR Article 13, it is being stated that:
- Whenever you are collecting personal records directly from the data subjects, you must render a privacy notice.
- When you gain personal information from a second source, you must render a privacy notice, without any sort of undue delay.
- What personal data is to be collected?
- What are the means of data collection?
- What are the data security measures?
- Whether data will be shared with external entities or not?
- Are end users having any control over their information?
1. Who is the Data Controller?
If you are either the one who is taking control over personal information of EU customers or the one who is using data for some other industry, inform your clients about the same. Give complete information about the individual who is processing the customer’s information, and what is his or her role when it is about data processing.
2. Who is the DPO in Your Organization?
3. Aware Citizens With Their 8 Rights
It is important for a GDPR compliant to aware users with their 8 rights, which are mentioned in GDPR 99 articles.
- The right to be informed
- The right for data access
- The right to rectification
- The right to erasure
- The right to prohibit processing
- The right to data portability
- The right to object
- Rights associated with auto-decision making and profiling
4. Are You Transferring Data Internationally?
That’s All Regarding The Template Designing