Under the EU GDPR, individuals are granted several rights. One of these is the right to be informed.
In Articles 13 and 14 of the Regulation, it’s stated that individuals have the right to be informed of the collection and processing of their data, how this data is handled, and for which purposes.
The GDPR states that if the data is collected directly from the individual, they must be informed right away – that is, at the time of the collection.
If, instead, the data isn’t collected directly from the individual, they must be informed within a reasonable period, but at the latest after a month.
One way in which the right to be informed is respected is through a privacy policy.
A privacy policy is a legal document that websites provide to inform users of the data they collect and process, and how this processing happens.
It’s a handy way to inform your users about your data processing activities because it’s usually easily accessible from every page of the website.
Read also:
👉 What is the GDPR? The Ultimate Guide to GDPR Compliance
Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.