Privacy Policy

    A policy or information sheet provided by the Controller to the data subjects. It is usually a written text where the data subject can read about the processing in question.

    Privacy policies are important tools for a controller to be compliant with the transparency principle in Art. 5(1)(a) GDPR and be able to provide the information to the data subject they are obligated by the GDPR to provide.

    The information that should be provided through a privacy policy can be different depending on the processing. Regardless of the processing, a privacy policy should always contain information about contact details to the controller, how data subject can evoke their rights under GDPR and essential information regarding the processing.