Summary of the Website privacy plan
This document is GDPR compliant.
When to use
Use this site privacy plan:
when you gather personal information on the website
to be sure you comply with data privacy legislation
Just what it covers
the nature of data gathered by the site
the use of data
data security and access
transfers of information outside Europe
The collection and use of personal data by online businesses in the UK must comply with the UK data protection laws and the GDPR. This plan is designed to allow the website operator to comply with the fair processing obligation and also to obtain the user’s consent to this processing as required by law.
Who is a Data Protection Officer (DPO)?
A new Data Protection Officer aids your business with internal compliance and can notify or advise you of your data protection obligations, provide tips regarding any Data Protection Impact Tests and act as a contact point for data subjects and the Info Commission Office (ICO).
Just what types of information will be collected from users?
It depends upon the objective for which the data is gathered. If you are selling and trading on your website, you may wish to gather your customers personal data such as names & credit card details. However, the data protection law defines personal data as broad regarding include information about personal opinions and IP address.
What are cookies?
This specific document allows you to specify the types of cookies, their purpose and the method that will be used to gain consent of the user when you use these cookies.
Do I need to display my personal details?
Place of registration
Registered office tackle
Contact details, including an email tackle
Details of how to contact the business enterprise
Regarding sole traders and individuals, you must display the address of the essential place of business.
What’s an Information Management Security Program (IMSS)?
An IMSS is a set of principles and procedures for systematically managing an organisation’s data. The purpose of an IMSS is to minimise the danger for the business enterprise and ensure business continuity by pro-actively limiting the impact of the security breach. These methods relate to the safety details, and are developed in accordance with the business position.
Are usually General Data Protection Regulation (EU) 2016/679?
This specific is the GDPR which is a European part of legislation. This regulation applied to all EUROPEAN Member States in 2018. The ‘2016’ is the year in which it was passed.
Ask a lawyer for:
websites collecting sensitive personal data
This privacy plan is governed by the law of England and Wales and complies with UK and EU data privacy legislation.