How can this document be made consistent with legal requirements? Without many hurdles, some of the applicable privacy laws need all information intended for users to be quite clear and even not much longer.
It was in 2019 that the French supervisory authority fined Google LLC along with Google France SARL especially in terms of lack of transparency in personal data processing and failure to provide adequate information regarding the processing of such data (Such a case was processed under the GDPR).
The Commission Nationale de l’Informatique et des Libertes (CNIL) alleged that information pertaining to personal data processing which was provided by Google to its users was not transparent even in the slightest terms. Thus it could not be considered as a policy that is accessible and understandable.
- It should be segregated into different sections clearly.
- Information that is true and verified should be a key part of it.
- A brief introduction.
- The app owner’s identity and contact details.
- The kind of data collected and its purpose.
- Legal basis of processing.
- Data retention and methods of erasing data.
- Information about the right to opt-out of the app.
- Information regarding disclosure of data (data recipients).
- Transfer of personal data to other countries or territories.
- Information regarding profiling.
- Rights of users in terms of their personal data.
- Information about third-party service providers.