The nine most important areas you should include in your personal data protection policy Michal Sztaberek April 5, 2023 CATEGORIES Data protection Guides Procdures&Audits GDPR It seems that the personal data protection policy (hereinafter referrd to as PODO) is the basic document describing the rules applicable in the organization in the subject we are interestd in,  personal data protection. PODO can be written in many different ways.

Procedure it seems appropriate for

It can be turnd into a quite extensive and detaild document, or you can go towards something a bit more general, but referring to Latest Mailing Database more extensive and containing specific obligations, orders, prohibitions, etc. attachments. Personally, I prefer the latter model of PODO preparation and it is on it that I will focus in the following article. 1. Purpose and scope It’s kind of obvious-obvious, to quote a classic. In any case, defining the purpose and scope of a given procdure / document is an absolute basis.

Be included in the personal data protection

In the case of PODO, the overriding goal is to regulate. In one or several documents – all areas that relate to data processing Country List processes. And technical and organizational measures adoptd in the organization. Of course, it can be further developd, but as I mentiond above – this is the main purpose of PODO. And the range? Well, personal details… 2. Responsibility If you do not assign responsibility for the document, do not count on anyone to prepare any updates, reviews, etc. And yet at every training they shout: the implementation of the GDPR is a process, not a one-off activity.