Data protection policies and notices

Intro

Τhis material presents the meaning of transparency, the goals it serves. It explains the elements of transparency in order to assist a system analyst/designer/developer to fulfil this GDPR requirement via data protection privacy policies and notices.

It also provides recommendations on how to structure privacy notices and presents examples of different presentation approaches.

At the end of the study, the reader is expected to:

• Understand the importance transparency and its characteristics

• Be able to identify ways and best practices in designing privacy policies and notices

Key Messages

• Informed individuals can make decisions in relation to their personal data

• Information should be easily accessible, clear to all

• Use appropriate ways/means/techniques to present the information in privacy policies and notices

• Consider a layered approach, a privacy dashboard, a just in time notice

• Adapt to the data subjects characteristics

⇒ See relevant slides

General References

1. Guidelines on transparency under Regulation 2016/679

2. https://www.dpa.gr/en/personal_data

3. https://juro.com/privacy

4. https://ico.org.uk/global/privacy-notice/

5. https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/the-right-to-be-informed/what-methods-can-we-use-to-provide-privacy-information/#how2