Legal

Privacy Notice

A document informing individuals about how their personal data is collected, used, and protected — often used interchangeably with privacy policy.

A privacy notice (often called a privacy policy) is a statement that discloses how an organisation collects, uses, shares, and protects personal data.

Identity and contact details of the data controller and DPO
The purposes and legal basis for processing
Recipients or categories of recipients
Details of international transfers
Retention periods
Data subject rights
Right to lodge a complaint with a supervisory authority
Whether data provision is a statutory or contractual requirement
The existence of automated decision-making, including profiling

Notice vs Policy

While often used interchangeably, a privacy notice is the external-facing document for data subjects, while a privacy policy can also refer to internal organisational policies.

Legal Reference

GDPR Articles 13 and 14.

Related Terms

Data ControllerPrivacy

The entity that determines the purposes and means of processing personal data.

Data RetentionPrivacy

The policies and practices governing how long personal data is stored before being deleted or anonymized.

GDPRLegal

The General Data Protection Regulation — the EU's comprehensive data protection law, effective since May 2018.

Legal BasisLegal

The lawful ground under which personal data may be processed — the GDPR defines six possible bases.

Privacy PolicyCompliance

A public document that explains how an organisation collects, uses, stores, and shares personal data.

Privacy Impact Assessment Privacy Policy

Privacy Notice

Required Content Under GDPR

Notice vs Policy

Legal Reference

Related Terms