This document from Spain’s data protection authority Agencia Española de Protección de Datos (AEPD) looks into notion of Data protection by design and by default and provides guidance on its implementation. The General Data Protection Regulation (GDPR), in Article 25 and under the heading “Data protection by design and by default” incorporates the practice of […]
This guide examines techniques for improving consumers’ understanding of contractual terms, conditions and privacy policies. The focus is on methods offering low-cost, practical and scalable solutions. The guidance draws on new research and includes a review of the existing academic literature.
One fundamental factor of GDPR is privacy notices and how organisations explain at the point of data collection what users can expect will happen to their data. In this article, we’ll dig into the topic of privacy notices more deeply, and present some best practice examples that appear to comply with the GDPR.
The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data.