Continuing from our earlier law post (https://worldprivacylaw.com/?p=804), we are sharing the department-wise compliance checklists in bullet points. This post covers the remaining points that we did not share in our earlier two posts, and so concludes the list. Privacy law professionals might find it helpful and interesting.
G) Sales
- Comply with the DNC registry
- Have procedures in place for seeking consent (opt-in/opt-out) from the target audience, and maintain and honour that consent before contacting them subsequently.
H) Marketing
- Ensure all websites have a website privacy policy
- Ensure all websites have a cookie solution deployed that ensures compliance with the applicable cookie laws and e-privacy directives
- Comply with the DNC registry
- Have procedures in place for seeking consent (opt-in/opt-out) from the target audience, and maintain and honour that consent before contacting them subsequently.
I) Delivery (Client project execution)
- Do not process PII/SPI of the client (or their end customers) without an applicable Data Processing Agreement (DPA) with the client
- Ensure that the data privacy requirements agreed in the DPA, and those directly applicable under GDPR, are complied with during the execution of the project, and that all records are maintained
- Ensure all project team members are trained on applicable DP laws and on the DP requirements agreed with the client.
Please note that there are also some general data privacy implementation ideas for all organizations:
- Develop a privacy compliance program
- Appointment of privacy officer
- Data privacy policies
- Draft cookie policies
- Consent
- Third-party relationship
- Clean desk policy
- System/screen lock
- Adopt procedures for handling physical copies of personal information
- Awareness among the employees and weekly/monthly interactions with the data protection officer
- Data retention policies
Picture credit: https://codesealer.com/