The document provides feedback on changes to a privacy request form and policy. It recommends simplifying the form by removing references to different data types and instead having one form. It also recommends removing the "Minor" option and just having "Parent/Guardian" as it is not legally required. Additionally, it notes the form is only for the rights to know, correct and delete personal data and that links should be provided for opt-out and limit use rights.
The document provides feedback on changes to a privacy request form and policy. It recommends simplifying the form by removing references to different data types and instead having one form. It also recommends removing the "Minor" option and just having "Parent/Guardian" as it is not legally required. Additionally, it notes the form is only for the rights to know, correct and delete personal data and that links should be provided for opt-out and limit use rights.
The document provides feedback on changes to a privacy request form and policy. It recommends simplifying the form by removing references to different data types and instead having one form. It also recommends removing the "Minor" option and just having "Parent/Guardian" as it is not legally required. Additionally, it notes the form is only for the rights to know, correct and delete personal data and that links should be provided for opt-out and limit use rights.
say: "Please complete the request form. Refer to our Privacy Policy if you have any questions about these rights or to contact us." (Yes, with a link.)
FYI on these deletions:
1. "Consumer" is fine—3 types just
confuse everyone. 2. Under GG's default Privacy Policy approach, employees and applicants are directed to a separate queue (different data/storage/personnel) 3. "Parent/Guardian" would be fine, though not legally req'd, but it shouldn't include "Minor." We recommend removing it because OneTrust's form still asks for info about one person if this option is chosen (who?).
FYI on these changes: this
request form is only for the rights to know, correct and delete.
⦿Your service will include
homepage links to exercise the "opt- out" and "limit use" rights, if they are in scope. ⦿You will process opt-ins whenever required at the time the person is opting in (like when consenting to receive SMS). ⦿The right to know doesn't need to be split in two. You'll provide responsive information.