Does the legislation require you to put contact details in the 'who is responsible' and the 'who to contact' sections?

Yes, privacy legislation absolutely requires you to provide contact details in your Privacy Policy.

Nearly all modern comprehensive privacy laws mandate the inclusion of contact information to fulfill two crucial requirements: enabling individuals to exercise their rights and ensuring organizational accountability.

1. Contact for Exercising Privacy Rights

Laws require you to provide clear and accessible methods for individuals to exercise their rights (such as the right to access, delete, or opt out). Providing specific contact information (or a contact mechanism) is central to this.

  • GDPR / UK DPA: Requires contact details for the Data Controller (the company) and the Data Protection Officer (DPO), if one is appointed.

  • US State Laws (CPRA, VCDPA, CPA, UCPA, Connecticut SB6): Mandate the inclusion of contact methods (e.g., dedicated email address, toll-free number, or online form) for consumers to submit requests to exercise their rights (e.g., Right to Delete, Right to Opt-Out of Sale/Sharing).

Primary Goal: To ensure that if an individual needs to exercise their privacy rights, they can easily find who to contact to do so.

2. Contact for Accountability and Oversight

Certain laws require you to name the person or role specifically responsible for the entire privacy program. This ensures that the organization can be held accountable.

  • PIPEDA (Canada): Requires organizations to designate an individual who is accountable for the organization's compliance with the Act.

  • Quebec Law 25: Explicitly states that the most senior person in the organization is the designated person responsible for personal information protection (the "Privacy Officer"), and their title and contact information must be published.

  • Australia Privacy Act 1988: Requires regulated entities to have clear and up-to-date policies on managing personal information, a requirement often fulfilled by naming a designated Privacy Officer or contact point.

Primary Goal: To designate someone within the company as the responsible person for the website's privacy and all related matters, ensuring there is a final decision-maker on all privacy issues.

Summary of Required Contact Details

To comply with the various global requirements, your Privacy Policy should generally include:

  • The legal entity name and address (The Data Controller).

  • A dedicated email address for privacy and rights requests.

  • The name and title of the person responsible for privacy/data protection (e.g., Data Protection Officer, Privacy Officer, or equivalent role), along with their contact details.
