A picture of a person explaining a book

What is GDPR? Part 3 - Right to be informed

← Back to Blog
FAQ

We're back with another essential chapter in our GDPR series! If you found the "Right to Data Portability" enlightening, you're going to appreciate the "Right to be Informed." This right is as crucial as it sounds, and it requires more than just a generic privacy policy.

What exactly is the "Right to be Informed"?

The "Right to be Informed" gives individuals the right to know how their personal data is being collected, used, stored, and shared by any business. It’s all about transparency and ensuring that individuals understand what happens with their data.

Why should you care?

Ignoring this requirement could result in substantial fines. Beyond the legal implications, transparency builds trust. When customers trust you with their data, they're more likely to remain loyal to your brand.

How to comply effectively

  • Clear and accessible information: Your privacy notice should be straightforward and easy to find. Avoid complicated legal language. The goal is to be as clear as possible.
    • Example: Instead of saying "We may utilize your personal information for various purposes," try "We use your data to send you updates and offers."
  • Timing is crucial: Inform people at the time their data is collected. Whether it’s when they sign up for your newsletter or make a purchase, provide the information then.
    • What to include:
      • Who you are: Clearly identify the entity collecting the data.
      • What data you’re collecting: Specify the types of data.
      • Why you’re collecting it: Explain the purpose in a clear manner.
      • How long you’ll keep it: Indicate the retention period.
      • Third parties: If data will be shared, specify who will receive it and why.
    • Example: "We collect your email address to send you our monthly newsletter. We won’t share your email with anyone except our email marketing service, and you can unsubscribe anytime."
  • Layered approach: If there’s a lot of information, break it down into manageable sections. Start with the essentials and provide links for more detailed information.
  • Regular updates: Data practices can change, and your privacy notices should reflect those changes. Ensure your privacy policies are updated regularly and inform your users of significant updates.

Practical tips to stay compliant

  • Use templates: Start with GDPR-compliant templates and customize them to fit your business needs.
  • User-friendly language: Avoid legal jargon. Aim for clarity and simplicity.
  • Test and iterate: Have a few people outside the legal field review your privacy notice. If they understand it, you’re on the right track.

ToolHive

How does ToolHive fit in? ToolHive can generate a Privacy Policy that has all the information you need. Keeping up-to-date is very easy by just adding the tool in ToolHive and the Privacy Policy will included all the new information. Keeping up is easier than ever.

Conclusion

The "Right to be Informed" is not merely a legal obligation; it is fundamental to building trust with your audience. Taking the time to ensure your practices are transparent will benefit both your customers and your business.

Stay tuned for our next GDPR topic, where we'll discuss the "Right to Restrict Processing." It's an important aspect you won't want to miss!