All it’seeze sites have a page called Privacy for your privacy policy. The General Data Protection Regulation (GDPR) requires you to document your lawful basis for processing personal data. It also gives your customers and site visitors rights over how their data is processed. Your privacy policy documents the data you collect, why and how you process it, and how your customers and site visitors can exercise their rights.



Editing your privacy policy

Above your privacy policy is a privacy policy bar, as shown in figure 1.


Figure 1. a privacy policy bar


Click on the privacy policy bar to open the privacy policy window, as shown in figure 2.


Figure 2. the privacy policy window


The privacy policy window lets you change the following settings:


Modification date

The date the policy was modified. This date should be updated when you make any policy changes, but does not need to be updated if you are only correcting spelling or reorganising information.


Data controller

The legal name of your organisation.


Address

The contact address for your organisation. If you have appointed a Data Protection Officer you can leave this blank.


DPO name

The name of your Data Protection Officer, if you have appointed one.


DPO address

The contact address for your Data Protection Officer, if you have appointed one.


Data you process

Details of data you process. You can add new data and edit or delete existing data.


Click OK to apply the changes to the privacy policy. Click Cancel to return to the page without changing the privacy policy.



Editing data

When you cllick to add or edit data the data window, as shown in figure 3, will open.


Figure 3. the data window


The data window lets you change the following settings:


Type of data

The type of data. This determines the section of the privacy policy in which the details will appear. View examples of the types of data.


Title

A title for the subsection of the privacy policy describing the data.


Description

A description giving details of the data collected and why and how you process it.


Lawful basis for processing

The GDPR allows personal data to be processed for one of six reason. These are described in detail on the Information Commissioner’s Office site.


Reason

An explanation of why the selected lawful basis applies.


Click OK to apply the changes to the data. Click Cancel to return to the privacy policy window without changing the data.