This Guide provides a general introduction to how controllers (website and app owners) can meet GDPR requirements with regard to which information (content) and how information (quality, understandability and accessibility) must be provided to data subjects (end users) by controllers with regard to GDPR Art 13 and 14.

This guide has the following table of contents:

What to do?

Privacy Policy Content: Is Article 13 or 14 information provided?

Privacy Policy Content: Must information be linked?

Privacy Policy Content: Must a specific processing operation be separate?

Privacy Policy Content: Must a single specific purpose be limited?

Privacy Policy Content: Is information understandable?

Privacy Policy Content: Is form of information easily accessible?

Privacy Policy Content: Is format of information easily accessible?

Privacy Policy Content: Can text be supplemented by icons etc?

Privacy Policy Content: Must information changes be tracked by versions?

Privacy Policy Content: Must users be notified of information changes?

Privacy Policy Dialogue: Provided free of charge?

Privacy Policy Dialogue: Is dialogue easily accessible?

Privacy Policy Dialogue: Is action to view Privacy Policy understandable?

Privacy Policy Dialogue: Is action to view specific parts of the Privacy Policy provided?

Privacy Policy Dialogue: Who provides information in case of joint controllership?

Privacy Policy Dialogue: When to provide information where data is collected directly from the data subject?

Privacy Policy Dialogue: When to provide information where data have not been obtained from the data subject?

Privacy Policy Dialogue: When to provide information where further processing for a new purpose is intended?

Privacy Policy Dialogue: When to provide information if information is changed?

This guide will soon be available for all Signatu members only.

This guide is accompanied with a Technical Guide on how to use Signatu self-service tools to help you build sites that your users trust with their data, including:

Trackerdetect - scan your website to discover and manage 3rd party cookies and scripts.
Consent - manage your user’s consent and/or refusals to data processing activities. Includes tools to manage specifications and texts to present to the users.
Policy - map out the data processing activities in your organization and automatically generate Privacy Policies in multiple languages. Policies can be distributed through our Content Delivery Network (CDN).

We take care of a lot of the heavy lifting to help you comply with regulations, including the GDPR.

You can reach us at: hello@signatu.com

GDPR Privacy Policy Guide

This guide has the following table of contents:

What to do?

Privacy Policy Content: Is Article 13 or 14 information provided?

Privacy Policy Content: Must information be linked?

Privacy Policy Content: Must a specific processing operation be separate?

Privacy Policy Content: Must a single specific purpose be limited?

Privacy Policy Content: Is information understandable?

Privacy Policy Content: Is form of information easily accessible?

Privacy Policy Content: Is format of information easily accessible?

Privacy Policy Content: Can text be supplemented by icons etc?

Privacy Policy Content: Must information changes be tracked by versions?

Privacy Policy Content: Must users be notified of information changes?

Privacy Policy Dialogue: Provided free of charge?

Privacy Policy Dialogue: Is dialogue easily accessible?

Privacy Policy Dialogue: Is action to view Privacy Policy understandable?

Privacy Policy Dialogue: Is action to view specific parts of the Privacy Policy provided?

Privacy Policy Dialogue: Who provides information in case of joint controllership?

Privacy Policy Dialogue: When to provide information where data is collected directly from the data subject?

Privacy Policy Dialogue: When to provide information where data have not been obtained from the data subject?

Privacy Policy Dialogue: When to provide information where further processing for a new purpose is intended?

Privacy Policy Dialogue: When to provide information if information is changed?

This guide will soon be available for all Signatu members only.

Signatu Legal Guide on site owners' duties when having 3rd parties on their websites

Signatu introduces for its members "GDPR Privacy Policy Guide".

This guide has the following table of contents:

GDPR Privacy Policy Guide

What to do?

Privacy Policy Content: Is Article 13 or 14 information provided?

Privacy Policy Content: Must information be linked?

Privacy Policy Content: Must a specific processing operation be separate?

Privacy Policy Content: Must a single specific purpose be limited?

Privacy Policy Content: Is information understandable?

Privacy Policy Content: Is form of information easily accessible?

Privacy Policy Content: Is format of information easily accessible?

Privacy Policy Content: Can text be supplemented by icons etc?

Privacy Policy Content: Must information changes be tracked by versions?

Privacy Policy Content: Must users be notified of information changes?

Privacy Policy Dialogue: Provided free of charge?

Privacy Policy Dialogue: Is dialogue easily accessible?

Privacy Policy Dialogue: Is action to view Privacy Policy understandable?

Privacy Policy Dialogue: Is action to view specific parts of the Privacy Policy provided?

Privacy Policy Dialogue: Who provides information in case of joint controllership?

Privacy Policy Dialogue: When to provide information where data is collected directly from the data subject?

Privacy Policy Dialogue: When to provide information where data have not been obtained from the data subject?

Privacy Policy Dialogue: When to provide information where further processing for a new purpose is intended?

Privacy Policy Dialogue: When to provide information if information is changed?

This guide will soon be available for all Signatu members only.