Remember that the ‘ lack of or incorrect information privacy the user is punishable by a penalty fine of up to EUR 20 million or up to 4% of the turnover annual world, taking into account the individual case, the nature, severity, duration of the infringement, etc.
You can specify the purposes for which you will collect the data by choosing from a list of predefined purposes (e.g. sending emails or newsletters, interacting with live chat, etc.) or, for special needs, you can describe the purposes in a personalized way.
- Types of personal data collected: it is possible to choose between data voluntarily provided by the user (contact data, information, content, sensitive data, data collected from social media, etc.) and automatically acquired data (usage data, geolocation data, data collected through cookies, etc.)
- Purpose of processing: the purposes for which personal data are collected must be listed (e.g. statistical purposes, user profiling, payment management, etc.). We have prepared the interview allowing you to choose between pre-set and/or customizable purposes
- Processing methods: the electronic or manual tools with which the data are collected, the methods of organizing the data, the security measures to prevent unauthorized access, disclosure, modification or destruction of data must be indicated
- Data recipients: the names of the third party’s recipients of the data or the economic or commodity categories to which they belong must be indicated (e.g. marketing consultants, shippers, etc.)
- Legal basis of the processing: the basis on which the processing is based (consent, legal obligation, contractual obligation, etc.)
- Place: where the data are stored and if they are transferred to a non-EU country
- Automated decision-making processes: if procedures such as profiling and the logic with which they are used are used
- Data retention period: how long the User’s personal data are stored;
- Rights exercisable by users: the legislation expressly requires you to enter the list of what a user can do (ask for data removal, cancellation, transformation into anonymous form or blocking of data, etc.)
- Identification data of the data controller and/or the data protection officer (DPO): all data must be entered to identify and contact who determines the purposes and means of the processing of personal data. If appointed, the data protection officer must also be indicated
- English language: it is also possible to generate the document in English if your users are foreigners.
Information you need
The document can be modified free of charge in all its parts without time limits. Don’t worry so if you don’t have all the information available during the interview, you can always enter it later.
- information on the processing of personal data
- GDPR policy statement
Other useful templates and facsimiles
- Terms and Conditions of a Website or an App: to regulate the rights and obligations of users of a website or application
- Personal Data Processing Register: to collect all information relating to the management of personal data processed
- Privacy Notice for Offline Activities: to inform your customers or employees about the use that will be made of their personal information
- E-marketplace Membership Conditions: to regulate the relationship between the owner of an online marketplace and suppliers who sell products and/or services to users