Back to overview Criteria 5

Transparency and control of data

The company complies with applicable standards, legislation and good practice for data processing in relation to externally directed activities which include the processing of personal data.

5.1 Information relating to personal data

In the specific situation, the company should account for the personal data being collected and how it is to be processed.

5.1.1 Duty of disclosure to the data subject
5.1.2 Disclosure of business partners that data is shared with

5.2 Cookies

The company should offer visitors to its website the freedom to choose when it comes to data collection using cookies and other similar technologies, and produce a technical solution which supports this freedom.

5.2.1 Cookie information and user-friendliness

5.3 Control of own personal data

The company should make it easy for data subjects to exercise their rights over their own data.

5.3.1 User control of own personal data

5.4 Accessible guidance on how to complain

It should be easy for the subject to understand how to object to any particular processing of their personal data, or how consent given previously can be withdrawn.

5.4.1 Accessible guidance on how to complain with regard to responsible use of data and IT security

Skip to content