Many organizations are updating their privacy notices before GDPR enforcement begins May 25. The Trust Bridge created this eight-point checklist for establishing transparency and consent with individuals.
1. Use straightforward language and speak with your voice.
2. Identify yourself, then decide what personal information you want to hold and what you want to do with it.
3. Explain to the user that you take data responsibilities very seriously and have confidence in how you handle personal data.
4. Show how users can consent to data use(s) and give the option of a separate unticked opt-in box for any direct marketing.
5. Explain what you will do with the data and also what you will not do with the data (e.g., share it with others).
6. Explain what to do if they wish to have data corrected or deleted and give a clear contact point for any queries.
7. Provide details for how to complain to you and also to any supervisory body.
8. Keep your notice under review and update it regularly.