GDPR Compliance is the very regulation that spells out the basic requirements for the protection of personal data. The official site where all the information is presented is https://gdpr.eu/. For information in Russian, you can also go to the Microsoft website https://docs.microsoft.com/ru-ru/compliance/regulatory/gdpr.
1. The GDPR requires that all information be provided in a language that is understandable to the user, without the use of complex legal terms.
2. It is necessary to display a detailed description of the process of collecting and processing data.
3. Provide information about what role you are performing - controller or handler. It is also necessary to indicate who collects the data and who processes it - the name, contact details, and location of the individual or the legal data of the company. The contact information of third parties to whom the user's data is transferred (for example, a marketer or targeting specialist) should also be indicated.
4. For what purpose the data is collected and how it will be used
5. Period of storage of user data (after the expiration of the period, user data must be deleted).
6. A separate item should contain information on the use of user data by artificial intelligence.
7. The PC should describe how the user can access his data to edit or delete them. When the user changes or deletes data, the information in the sources to which it was transferred must also be changed or deleted.
8. For each user action (registration on the site, subscribing to an e-mail newsletter, placing an order, applying, filling out a feedback form), separate information must be provided, where specific data can be used.
9. In case of information leakage, all users should be notified
10. At what level is the protection and storage of the user's data ensured?
12. Information about what will happen to the user's data in the event of the closure or bankruptcy of the online store, as well as in the event of its transfer or sale to another company.
1. Definition of terms
2. General provisions
4. Purpose of collecting personal information of the user
5. Methods and terms of processing personal information
6. Obligations of the parties
7. Responsibilities of the parties
8. Dispute Resolution
9. Additional information
You can also add documents that confirm ownership of the logo and corporate style of the company, for all photos, videos, text content, illustrations. If your materials are used on other resources, you can request that they be removed. And in case of non-fulfillment of the requirements - to resolve the issues through the court. Disclaimer, the materials must be truly copyrighted, to prove this you must have all the source materials on hand (designer's layouts, files with texts, etc.).