the rules to follow to be in order
Home » today » Health » the rules to follow to be in order

the rules to follow to be in order

by

How to set up forms in compliance with the GDPR? Let’s make the point.

Estelle Raffin / Published on

It is important to indicate the purposes of the processing in the forms: what will the collected data be used for? © Shi-stock.adobe.com

What to know before creating a form

The General Data Protection Regulation (GDPR) imposes some transparency on companies regarding the collection of personal data. When offered to fill out a form, this is direct data collection. Companies have an obligation of transparency towards the people who will provide their personal data.

Therefore, Internet users filling out a form should be able to:

  • Know the reason for the collection of the various data concerning them,
  • Understand the treatment that will be carried out with your data,
  • Control their data, facilitating the exercise of their rights, or allowing them to request the rectification of their data or even its complete cancellation.

Good to know: the CNIL has published a help page on the use of clearer terms for the general public in order to help organizations simplify the technical terms of the GDPR and thus make it easier for most internet users to understand.

The rules to know for a GDPR compliant form

Natural persons must be informed of the processing of their data “in a concise, transparent, understandable and easily accessible manner, in clear and simple terms”when they fill out the form (not after).

According to the CNILThe information that must be accessible when filling out a form is as follows:

  • Identity and contact details of the organization (this is the data controller),
  • Purpose of data processing (your objectives for this collection),
  • Legal basis for data processing,
  • Mandatory or optional nature of data collection,
  • Recipients or categories of recipients of the data,
  • Data retention period,
  • Rights of natural persons (rights of access, rectification, cancellation, etc.),
  • Contact details of the organization’s data protection officer (DPO) or personal data protection contact point,
  • Propose the possibility of making a complaint to the CNIL.

If it is an online form, it is for example possible to display a sentence that mentions the processing of personal data with a clickable link to a dedicated page where all the mandatory information is listed.

Good to know: You can use online tools to help you create your forms. These offer ready-to-use templates that you can customize with no technical skills required.

Two examples of personal data collection forms

The CNIL offers two roads view the requested information:

  1. View the minimum information about the collection medium.
  2. Show all the minimum information on two different supports (a first level of information on the questionnaire, then a second level of information in addition to the questionnaire).

Related posts:

Equality focuses on six residences the investigation for the entry of charges in the first vaccines
The main symptoms of coronavirus vary according to age and sex
What to do with a positive covid test: with and without symptoms | NHS
Rubella Symptoms and Treatment in Children: What You Need to Know
“Al Quoz Arts” celebrates its tenth edition

“Al Quoz Arts” celebrates its tenth edition

Lionel Messi: The agent denies the news of the upcoming transfer to Inter Miami

Lionel Messi: The agent denies the news of the upcoming transfer to Inter Miami

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.