policy that documents and governs an organization’s or entity’s handling
practices of personal information. A
the organization collects, uses, retains and discloses personal information,
describes the data subjects rights, information regarding their website and
cookies or tracking devices, etc. An
the data, specific rights they may have, their responsibilities in handling the
Record Retention Policy
Covers all aspects of a company’s policies and procedures in dealing with the storage and destruction of information records, both paper and electronic.
A statement made to a data subject that describes how the organization collects, uses, retains and discloses personal information. A privacy notice is sometimes referred to as a privacy statement, a fair processing statement or sometimes a privacy ...
An assessment of an organization’s compliance with its privacy policies and procedures, applicable laws, regulations, service-level agreements, standards adopted by the entity and other contracts. The assessment or audit measures how closely the ...
Privacy (Data Protection) Officer
An official responsible for the coordination and implementation of all privacy, data protection and confidentiality efforts within an organisation. They are generally responsible to Data Protection Authorities (DPAs) or senior management for ensuring ...
Privacy by Design
The concept that organizations need to build privacy directly into technology, systems and practices at the design phase, thereby ensuring the existence of privacy from the outset. Originating in the mid-1990s by the Information and Privacy ...