- Company’s details and description
- Personal data to be collected
- Legal basis, Mode of collection and use of the data collected
- How the data is processed
- The means of data protection and security
- Users rights, access and control over such data
- Third parties interaction with the data
- Contact details of the company’s data protection officer
Most data protection regulations compel the websites to put a privacy notice or policy to inform users of the way they deal with personal data.
- Easy to read
- Fit for the sector of the company’s business
- Clear and comprehensible
- Concise and precise
- Conspicuously placed on the website
- Clearly state the personal information collected and how same will be processed and protected
- Contains contact details for complaint and data opt-out
- A system for keeping users updated when there are changes.
- To know what data is being collected from you
- To know how the data collected is used
- Methods of withdrawal of data and contacts information in case you have enquiry about your data
- How your data is secured
- Whether your data is being shared with third parties and which third party
- What privacy rights you have (right to erase, opt out, rectification)
- To know the period of which they keep your data (data retention period)
Try to skim through the document. While doing that scan for information about what data is collected and how.
Look to know whether data is shared, stored and how secured are they.
Find out the rights you have.
Ask yourself questions like: Can third party access my data? Can I rectify or delete my data? How is my data protected?
You can also look out for keywords like: control, third party, opt-out, collect, rectify, right, such as, marketing, not, etc.
You can download the e-book version of this post here
Adeyemi O. Owoade