P freeprivacypolicy.app
Blog

GDPR privacy policy requirements: complete checklist

The eleven items GDPR Articles 13 and 14 require in every privacy notice.

By FreePrivacyPolicy Editorial Team · Privacy compliance editors · Compliance · 3 min read

Generate GDPR-ready policy Free · no signup · hosted public URL

The eleven mandatory items

  1. Identity and contact details of the controller
  2. Contact details of the DPO (if applicable)
  3. Purposes and legal bases for processing
  4. Legitimate interests pursued (if relevant)
  5. Recipients or categories of recipients
  6. International transfers and safeguards
  7. Retention periods or criteria
  8. Existence of data subject rights
  9. Right to lodge a complaint with a supervisory authority
  10. Whether provision is statutory or contractual
  11. Existence of automated decision-making, including profiling

Ready to publish?

Answer six questions, get a hosted public URL the App Store, Google Play, and ad networks accept. No credit card.

Generate GDPR-ready policy

Related reading

Compliance

GDPR privacy policy generator

Generate a privacy policy that maps cleanly to GDPR Articles 13, 14, and 15 — for free.

Guide

GDPR complete guide: privacy policy requirements

Everything you need to know about GDPR privacy policies — without reading 88 articles of legal text.