Posted on 21st August 2019 at 15:05
1. Details of the data controller (the name of the company who makes decisions about what happens to the data)
2. Representative in the EU, this only applies if you are based outside of Europe
3. The contact details of the Data Protection Officer. Not all organisations need a data protection officer but it is a good idea to appoint someone who can deal with any enquiries about data processing
4. The purpose for which they are collecting data. This could be for marketing purposes, processing order or recruitment.
5. The types of data you are processing (clearly stating which is person/sensitive/criminal)
6. The types of data subject
7. Where you got their data from (if it wasn’t directly from the data subject)
8. Details of any recipients of personal data
9. Details of any third country transfers
10. How long personal data is retained, this may vary depending on the type of data and any statutory requirements
11. Details of technical and organisational security measures in place
If you still want a bit of help then get in touch, we are happy to help.
Share this post: