What are the GDPR privacy policy requirements?

Article 12 of the GDPR requires that you communicate information about your processing of personal data in a way that is:

  • concise
  • transparent
  • in clear and plain language
  • intelligible
  • easily accessible
  • free of charge

In general, most privacy laws require you to inform your users about the following:

  • name (or business name), location, and contact information
  • what information you’re collecting from them (including names, email addresses, IP addresses, and any other information)
  • what methods you are using to collect their information, e.g. cookies
  • the purpose for collecting this information
  • how you’re keeping their information safe
  • whether or not it’s optional for them to share that information, how they can opt-out, and the consequences of doing so
  • any third-party services you’re using to collect, process, or store that information (such as an e-mail newsletter service, or advertising network)

You must be mindful of getting all of the relevant and required information about your store into your GDPR privacy policy.

Pandectes team can help you generate such content. Don’t hesitate to contact us for more information.