Use this customizable PeopleGoal Data Protection Policy template as an outline for your company’s employment policies. The PeopleGoal Data Protection Policy describes terms for data protection rules, which apply to American companies. Simply adjust the information in the brackets to suit your company’s needs.
This company takes data protection very seriously. With the increasing ransomware attacks and data breach leaks, cyber security has never been more important than it is now. That’s why our company has instituted a Data Protection Officer charged with monitoring and ensuring compliance with privacy laws.
As an American owned and operated company, this company is generally not subject to European data protection legislation such as the GDPR. However, if we opt to work with, employ, or collect data from any persons based in the European Union or European Economic Area, the following rules apply.
Any company that holds any data on European Union citizens, or European Union based persons, from personal information such as credit cards numbers to even a simple a photo of the citizen, is subject to GDPR. For this reason, we frequently assess what data we possesses, where and how it’s retained, and set legally defensible policies for how that data will be collected, managed, and destroyed. Each department has appointed a Data Protection Officer charged with performing a Privacy Impact Assessment and managing this information.
GDPR is designed to protect every EU citizen’s personal data. This company works to ensure security of data through data backup, early protection, preventative monitoring, spam filters, and employee awareness training. Employees of this company that reside or work in the European Union are allowed to request copies of their data at any time.
As an American owned and operated company, this company is subject to California’s privacy laws including the California Consumer Privacy Act and the California Online Privacy Protection Act. We strive to comply with these laws and protect the data of citizens.
The California Consumer Privacy Act affords California residents an array rights, including the right to be informed about what kinds of personal data companies have collected and why it was collected. The law stipulates that consumers have the right to request the deletion of personal information, opt out of the sale of personal information, and access the personal information in a “readily useable format” that enables its transfer to third parties without hindrance. This law comes into effect in 2020, and the Data Protection Officer will ensure that our company is compliant by that date.
Disclaimer: The PeopleGoal Policies are general templates and should only be used as a basis for company policies. Please take into account all local, state, and federal laws when drafting your company’s final policies. This is not a legal document or a contract, and PeopleGoal will not assume any legal liability associated with the use of this document.