One - or hundreds depending on how you want to count them.
In any complex organisation it will be almost impossible to manage this without a layered approach. ICO CoP is good on examples but I strongly recommend setting aside an hour to go through A29WP260 on Transparency. Esp 29-33 - and spot the clear conflict between "The data subject must not have to take active steps to seek the information ..." in 29 and practically all of 33
I will push for one main PN,on the website to which all others will point in some way such as "For further information about your rights and how we look after your info see [URL]"
The top one or two layers will be context specific and based on the "impact on the data subject" - see para 30. So today I did the top PN for a survey monkey form which asked for optional contact details by consent for specified purposes. The top PN dealt with legal basis, granular consent, stressed it was optional, right to withdraw and everything else follow the link. For recruitment (not even started that) top level will be more detailed and I already know it will mention social media searches - clear impact as even if we banned them they would happen ...
I actually like the ICO approach https://ico.org.uk/global/privacy-notice/ although I might prefer sub-pages as my current employer is more complex. If nothing else he could hardly find fault if auditing us for transparency compliance :-)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|