<aside> ⚖️ What the law says: The General Data Protection Regulation (GDPR) governs the processing of personal data within the European Union and enhances citizens' control over the use of their personal data.

The GDPR applies to all organizations that process personal data, regardless of whether it is for themselves or on behalf of others. It applies to organizations that are established in the European Union or whose activities directly target European residents. The GDPR also extends to subcontractors who process personal data on behalf of other organizations.

Failure to comply with the GDPR can result in significant financial penalties, which can amount to up to 20 million euros or 4% of the global annual turnover for companies.

</aside>

Develop your GDPR and Data Protection policies

⇒ Create a comprehensive data protection policy that outlines how your organisation handles personal data.

GDPR Policy template (by Apiday):

GDPR Policy template_Apiday.pdf

Data Protection Policy template (by Apiday):

Data security policy template_Apiday.pdf

GDPR compliance checklist


GDPR Toolkit (by the CNIL):

GDPR toolkit

Code of Conduct Guidelines (by the CNIL):

https://www.cnil.fr/sites/cnil/files/2023-06/graphic_design_code_of_conduct.pdf