Mechanisms exist to:
- Make data privacy notice(s) available to individuals upon first interacting with an organization and subsequently as necessary;
- Ensure that data privacy notices are clear and easy-to-understand, expressing information about Personal Data (PD) processing in plain language that meet all legal obligations; and
- Define the scope of PD processing activities, including the geographic locations and third-party recipients that process the PD within the scope of the data privacy notice.
Does the organization:
- Make data privacy notice(s) available to individuals upon first interacting with an organization and subsequently as necessary;
- Ensure that data privacy notices are clear and easy-to-understand, expressing information about Personal Data (PD) processing in plain language that meet all legal obligations; and
- Define the scope of PD processing activities, including the geographic locations and third-party recipients that process the PD within the scope of the data privacy notice?