Back

Include the privacy programs the organization is a member of in the privacy policy.


CONTROL ID
12365
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Define what is included in the privacy policy., CC ID: 00404

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • In addition, organisations must make their privacy policies reflecting the Principles public (or, in the case of human resources data, make them readily available to the concerned individuals) and provide links to the DoC's website (with further details on certification, the rights of data subjects … (2.2.4 (28), COMMISSION IMPLEMENTING DECISION of 10.7.2023 pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the adequate level of protection of personal data under the EU-US Data Privacy Framework)
  • The Department will maintain and make publicly available the Data Privacy Framework List of organizations that have filed completed, initial self-certification submissions and will update that list on the basis of completed, annual re-certification submissions, as well as notifications received purs… (III.6.d., EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • name of any privacy program in which the organization is a member; (ยง III.6.b.iii.5., EU-U.S. Privacy Shield Framework Principles)
  • The Principles apply immediately upon self-certification. Participating organizations that previously self-certified to the Swiss-U.S. Privacy Shield Framework Principles will need to update their privacy policies to instead refer to the "Swiss-U.S. Data Privacy Framework Principles". Such organizat… (iii.6.e., SWISS-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • The Department will maintain and make publicly available the Data Privacy Framework List of organizations that have filed completed, initial self-certification submissions and will update that list on the basis of completed, annual re-certification submissions, as well as notifications received purs… (iii.6.d., SWISS-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)
  • The Department will maintain and make publicly available the Data Privacy Framework List of organizations that have filed completed, initial self-certification submissions and will update that list on the basis of completed, annual re-certification submissions, as well as notifications received purs… (III.6.d., UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK PRINCIPLES)