Background: I decided to write my own privacy policy for a personal side project of mine. It ended up being an interesting exercise for me, and I thought I'd share the final text.
It's a simple, static website put together with Jekyll; nevertheless, I realized that I do come into contact with user data in the course of publishing this small side project. Writing my own privacy policy, instead of pasting in from boilerplate, forced me to think about all the user data that I might come in contact with, and explain both the technical background for laypeople and my rationale for collecting the data in the first place.
If this was for the purpose of GDPR and not just informing users I don't believe your website is GDPR compliant. Thank you for being transparent however.
This is actually one of the reasons I posted this, because I'm not sure, I'm not a lawyer and while I'm hopeful I got it right, I'd love guidance if I got it wrong.
Can you elaborate? What am I missing / what would I need to do to be GDPR compliant?
3 comments
[ 3.3 ms ] story [ 15.8 ms ] threadIt's a simple, static website put together with Jekyll; nevertheless, I realized that I do come into contact with user data in the course of publishing this small side project. Writing my own privacy policy, instead of pasting in from boilerplate, forced me to think about all the user data that I might come in contact with, and explain both the technical background for laypeople and my rationale for collecting the data in the first place.
Can you elaborate? What am I missing / what would I need to do to be GDPR compliant?