Why is your Privacy Notice important? Here is what the ICO says:

​

"The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about what you do with their personal data.

​

Articles 13 and 14 of the GDPR specify what individuals have the right to be informed about. We call this ‘privacy information’.

Using an effective approach can help you to comply with other aspects of the GDPR, foster trust with individuals and obtain more useful information from them.

​

Getting this wrong can leave you open to fines and lead to reputational damage."

​

So is a Privacy Notice a reflection of an organisation’s overall GDPR compliance? Maybe, maybe not. It is likely that any organisation that has taken the time to put together and publish a thorough, well written Privacy Notice has applied the same to their compliance processes but of course this is not guaranteed nor is the fact that a poor Privacy Notice means an organisation is inherently non-compliant. Either way it should not just be seen as a box ticking compliance exercise but as another way the organisation is marketing itself.

 

A few months ago few of us would have ever read a privacy notice but a combination of GDPR, the ICO’s promotional campaigns and high profile cases like Facebook, consumers are becoming considerably more data savvy and likely to start using an organisations data protection credentials as a differentiator when choosing goods or services.

 

The 2twenty4 PNI is a 30 point assessment of an organisation’s Privacy Notice using criteria based on the ICO’s published guidance. The highest available score is 165 which is assessed in four key areas:

 

Detail of processing information

Ease of navigation

Description of rights

Use of 'consumer' language

​

If you would like your site assessed or would like us to provide similar analysis for your industry fill in the form below or contact us at info@2twenty4consulting.com