Back

Include the privacy policy's Uniform Resource Locator in the privacy policy.


CONTROL ID
12363
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Define what is included in the privacy policy., CC ID: 00404

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • In addition, organisations must make their privacy policies reflecting the Principles public (or, in the case of human resources data, make them readily available to the concerned individuals) and provide links to the DoC's website (with further details on certification, the rights of data subjects … (2.2.4 (28), COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework)
  • if the organization has a public website, the relevant web address where the privacy policy is available, or if the organization does not have a public website, where the privacy policy is available for viewing by the public; and (III.6.b.iii.1., EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • The Department will maintain and make publicly available the Data Privacy Framework List of organizations that have filed completed, initial self-certification submissions and will update that list on the basis of completed, annual re-certification submissions, as well as notifications received purs… (III.6.d., EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • a link to the Department’s Data Privacy Framework website; (III.11.d.ii.(2), EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • information on or a link to the Principles’ requirements for independent recourse mechanisms; (III.11.d.ii.(1), EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • if the organization has a public website, the relevant web address where the privacy policy is available, or if the organization does not have a public website, where the privacy policy is available for viewing by the public; (§ III.6.b.iii.1., EU-U.S. Privacy Shield Framework Principles)
  • The Department will maintain the Privacy Shield List of organizations that file completed self-certification submissions, thereby assuring the availability of Privacy Shield benefits, and will update such list on the basis of annual self-recertification submissions and notifications received pursuan… (§ III.6.d., EU-U.S. Privacy Shield Framework Principles)
  • The Department will maintain the Privacy Shield List of organizations that file completed self-certification submissions, thereby assuring the availability of Privacy Shield benefits, and will update such list on the basis of annual self-recertification submissions and notifications received pursuan… (§ III.6.d., EU-U.S. Privacy Shield Framework Principles)
  • Independent recourse mechanisms must include on their public websites information regarding the Privacy Shield Principles and the services that they provide under the Privacy Shield. This information must include: (1) information on or a link to the Privacy Shield Principles' requirements for indepe… (§ III.11.d.ii., EU-U.S. Privacy Shield Framework Principles)
  • if the organization has a public website, the relevant web address where the privacy policy is available, or if the organization does not have a public website, where the privacy policy is available for viewing by the public; and (iii.6.b.iii.1., SWISS-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • a link to the Department's Data Privacy Framework website; (iii.11.d.ii.(2), SWISS-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • information on or a link to the Principles' requirements for independent recourse mechanisms; (iii.11.d.ii.(1), SWISS-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • The Department will maintain and make publicly available the Data Privacy Framework List of organizations that have filed completed, initial self-certification submissions and will update that list on the basis of completed, annual re-certification submissions, as well as notifications received purs… (iii.6.d., SWISS-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • if the organization has a public website, the relevant web address where the privacy policy is available, or if the organization does not have a public website, where the privacy policy is available for viewing by the public; and (III.6.b.iii.1., UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • The Department will maintain and make publicly available the Data Privacy Framework List of organizations that have filed completed, initial self-certification submissions and will update that list on the basis of completed, annual re-certification submissions, as well as notifications received purs… (III.6.d., UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • a link to the Department’s Data Privacy Framework website; (III.11.d.ii.(2), UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • information on or a link to the Principles’ requirements for independent recourse mechanisms; (III.11.d.ii.(1), UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)