Transparency is one of the most basic tenets of the General Data Protection Regulation (“GDPR”). It allows individuals to be informed of what businesses do with their data, and how and why businesses use their data through privacy notices.
It is not surprising that there is a growing awareness of data protection rights amidst this digital age. More people are demanding to know how businesses are using their personal data. However, as per the rules set out in the EU and UK GDPR, the shift away from traditional methods of processing personal information and the organisational complexities present challenges to ensuring privacy notices are clear and detailed.
If users choose to interact with businesses that are interacting with those features, their data could be shared with Facebook to personalise ‘users’ experience and ads. Examples of the type of data are:
- IP addresses;
- Account registration details (e.g. phone number); and
- Transaction data, service-related information and the way users interact with others using Whatsapp’s services.
What can businesses take from this?
- Businesses need a proactive approach to drafting and presenting their privacy notices.
- Business should foster trust with customers by being clear and transparent about what and how their personal information is being processed - GDPR sets out the type of information of which businesses need to inform their users.
- Businesses that use Third Party hosted services should understand the implications of their new privacy policies and inform customers of the changes and update its own privacy notices.
How can you achieve transparency in your privacy notices?
- Avoid using words such as “may”, “might”, “some”, “often”, etc as they are purposefully vague.
- Use headings to structure information clearly.
- Consider the multiple channels your privacy notice could be communicated such as email, social media posts and website notices.
- Use a variety of techniques to convey key privacy information (e.g. using layered approach, videos, images or automated phone system).
- Establish different privacy notices for different types of service offerings.
- Have a clear privacy tab and FAQ on your website, not a link at the bottom of a web page
Get in touch
Please get in touch directly with Ann Lee, a Data Privacy Consultant or drop an email to the privacy team for more information at privacy services or visit privacy and data protection.
Contact us today