Publishing Privacy Policy
Assign topic to the user
Answer:
Based on your description bellow it does not make sense to publish the Privacy Policy on your website unless you use the website to collect data for example CVs for recruitment purposes or get data subjects to set up an account.
In the case above you just need to publish the Privacy Policy on your intranet for example.
Regarding DSARS these should come from the data subjects for which you are acting as controllers so you need to provide this information only to them. For example, in case of requests from your employees you can provide the information on your intranet. However, bear in mind that also former employees have these rights so the informat ion should be available to them as well so Intranet might not be sufficient in this case.
You can find out more about Data Subject Access Requests from our webinar “Data Subject Rights under the EU GDPR” (https://advisera.com/eugdpracademy/webinar/data-subject-rights-under-the-eu-gdpr-free-webinar-on-demand/).
Comment as guest or Sign in
Mar 21, 2018