The Layered Privacy Notice is a crucial compliance document required under German data protection law and the GDPR for organizations processing personal data. It serves as a transparent communication tool between data controllers and data subjects, providing information about data processing activities in an accessible, tiered format. The document is structured to meet the requirements of the German Federal Data Protection Act (BDSG), the GDPR, and other relevant German privacy laws, while following the layered notice approach recommended by European data protection authorities. This format allows organizations to present complex privacy information in a way that is both comprehensive and user-friendly, with increasing levels of detail in each layer.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership of your docs
Alternatively...
1. Layer 1 - Key Information Overview: Brief summary of essential privacy information, including identity of controller, purposes of processing, data subject rights, and how to access more detailed information
2. Layer 2 - Detailed Information: Comprehensive section containing all required privacy information
3. Identity and Contact Details: Information about the data controller and DPO contact details
4. Processing Purposes and Legal Bases: Detailed explanation of why personal data is processed and the legal grounds for processing
5. Categories of Personal Data: List and description of personal data types being processed
6. Recipients and Transfers: Information about who receives the data and any international transfers
7. Retention Periods: Information about how long different types of personal data are kept
8. Data Subject Rights: Explanation of individual rights under GDPR and how to exercise them
9. Automated Decision-Making: Information about any automated decision-making or profiling
10. Cookie Information: Details about cookie usage and related technologies as required by TTDSG
1. Specific Processing Activities: Additional section for specific processing activities like marketing, CCTV, or employee monitoring, used when these specific activities are relevant
2. Children's Privacy: Required when services are offered to children or their data is processed
3. Special Categories of Data: Required when processing sensitive personal data under Article 9 GDPR
4. Joint Controller Information: Required when there are joint controllers under Article 26 GDPR
5. Specific German Requirements: Additional section for specific German law requirements, needed when processing activities fall under special German regulations
1. Cookie List: Detailed list of all cookies used, their purposes, and duration
2. Third Party Recipients: Detailed list of third-party data recipients and their roles
3. Processing Activities Register Extract: Detailed overview of specific processing activities for transparency
4. Technical and Organizational Measures: Overview of security measures implemented to protect personal data
Authors
Find the document you need
Privacy Notice For Employees
A GDPR and German BDSG-compliant privacy notice detailing how employee personal data is processed throughout the employment relationship.
Download
Layered Privacy Notice
A German law-compliant layered privacy notice providing structured transparency about personal data processing in accordance with GDPR and BDSG requirements.
Download
Data Privacy Notice
A mandatory document under German law and GDPR that informs individuals about how their personal data is processed and protected.
Download
Privacy Notice For Customers
A GDPR and German BDSG-compliant privacy notice explaining how organizations handle customer personal data in Germany.
Download
Data Protection Policy And Privacy Notice
A German law-compliant policy and notice document outlining an organization's data protection and privacy practices under GDPR and German Federal Data Protection Act requirements.
Download
Online Privacy Notice
A German law-compliant Online Privacy Notice detailing personal data handling practices and user rights under GDPR and German data protection regulations.
Download
Cookie Consent Notice
A GDPR and German law-compliant Cookie Consent Notice outlining website cookie usage and user consent rights.
Download
Data Privacy Notice And Consent Form
A GDPR and German BDSG-compliant Data Privacy Notice and Consent Form outlining data processing activities and obtaining valid consent from data subjects.
Download
Website Privacy Notice
A GDPR and German law-compliant privacy notice outlining website data collection and processing practices.
Download
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your data is private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
