This document from Spain’s data protection authority Agencia Española de Protección de Datos (AEPD) looks into notion of Data protection by design and by default and provides guidance on its implementation. The General Data Protection Regulation (GDPR), in Article 25 and under the heading “Data protection by design and by default” incorporates the practice of […]
One fundamental factor of GDPR is privacy notices and how organisations explain at the point of data collection what users can expect will happen to their data. In this article, we’ll dig into the topic of privacy notices more deeply, and present some best practice examples that appear to comply with the GDPR.
The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data.
These guidelines provide practical guidance and interpretative assistance on the new obligation of transparency concerning the processing of personal data under the General Data Protection Regulation (the “GDPR”). Transparency is an overarching obligation under the GDPR applying to three central areas: (1) the provision of information to data subjects related to fair processing; (2) how […]