Table of Contents
- Are located in the European Union;
- Offer goods or services to European Union residents (regardless of your location);
- Monitor the behavior of European Union residents (regardless of your location).
It is important to note that having a website that could be accessed in the European Union is not sufficient to establish the offering of goods or services. However, if your website accepts payments in Euros, you act on purchase orders from the European Union, your website is displayed in one of the European Union languages (e.g. French), or you mention customers from the European Union on your website, then you are probably offering goods or services to European Union residents and thus GDPR applies to you.
- Your name and contact information;
- What personal data you collect;
- Purposes for which you will be using the personal data;
- Whether you will use personal data for direct marketing purposes;
- Whether you share personal data. If you do share personal data, you will also need to list the categories of third parties with whom such data is shared;
- The legal bases under which you process personal data;
- The privacy rights provided to individuals;
- How individuals can exercise their privacy rights;
- The fact that individuals can file a complaint regarding the processing of their personal data;
- How long you store personal data;
- Information regarding automated decision making, if you engage in such processing;
- Information regarding profiling, if you engage in such processing;
- Where you will process personal data, including whether personal data will be transferred outside of the European Union;
- If you have a Data Protection Officer, you will need to list their contact details; and
Does GDPR require a cookie consent banner?