Assign topic to the user
Answer:
Articles 13 and 14 of the EU GDPR refer to the information to be provided to data subjects or “privacy notices”. You can find a “General Data Protection Notice” in folder 2 “Personal Data Policy Framework” which contains all the information you need to put into your “Privacy Notices”. Personal Data Records Management is covered by the “ Data Retention Policy” and “Data Retention Schedule” which can be found as well in ” in folder 2 “Personal Data Policy Framework”.
Folder 4 “Managing Data Subject Rights” contains the “Data Subject Access Request Procedure” that is meant to cover all the rights of the data subjects including the right to access, erase or rectify the data etc.
Please consider that you don’t actually need a “Data Minimization”, “Special Categories of Personal Data Procedure”, “Reference letters procedure” , “Direct Marketing procedure”, not every item from the EU GDPR needs a procedure or policy.
To get an overview of the whole content of the EU GDPR toolkit https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/ in terms of documents you should check out .pdf document called “List of Documents EU GDPR documentation toolkit”.
Comment as guest or Sign in
Dec 29, 2017