The Notice of Personal Data Processing is a fundamental document required by both the EU General Data Protection Regulation (GDPR) and Danish data protection law. Organizations must provide this notice to individuals when collecting their personal data, whether directly or indirectly. The notice ensures transparency in data processing activities and helps organizations comply with their legal obligations under Article 13 and 14 of the GDPR. It must include specific information about the data controller, processing purposes, legal bases, data recipients, international transfers, retention periods, and data subject rights. In the Danish context, this notice must also comply with additional requirements set out in the Danish Data Protection Act and related regulations. The document should be written in clear, plain language and be easily accessible to all data subjects.
Create a bespoke document in minutes, or upload and review your own.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get your first 2 documents free
Your data doesn't train Genie's AI
You keep IP ownership of your information
Key Requirements PROMPT example:
Notice Of Personal Data Processing
I need a Notice of Personal Data Processing for my Danish tech startup launching a new AI-powered fitness app in March 2025, which will collect user health data and activity metrics, with potential data transfers to our development team in the US.
1. Identity and Contact Details: Information about the data controller, including company name, registration number, address, and contact details of the Data Protection Officer (if applicable)
2. Types of Personal Data: Detailed description of the categories of personal data being processed
3. Purposes of Processing: Clear explanation of why the personal data is being collected and processed, including the legal basis for each purpose
4. Legal Basis: Specification of the legal grounds under Article 6 (and Article 9 if applicable) of GDPR for each processing activity
5. Recipients of Personal Data: Information about who receives or has access to the personal data, including any third-party processors
6. International Transfers: Details of any transfers of personal data outside the EU/EEA and the safeguards in place
7. Retention Periods: Information about how long personal data will be stored, or the criteria used to determine this period
8. Data Subject Rights: Explanation of individual rights under GDPR, including access, rectification, erasure, and data portability
9. Right to Withdraw Consent: Information about the right to withdraw consent where processing is based on consent
10. Right to Complain: Information about the right to lodge a complaint with the Danish Data Protection Agency
11. Automated Decision-Making: Information about any automated decision-making, including profiling, and its significance and consequences
1. Special Categories of Data: Additional information required when processing sensitive personal data under Article 9 GDPR
2. Employee Data Processing: Specific information about workplace monitoring and employee data processing, required when the notice applies to employees
3. Marketing Communications: Additional information required when personal data is used for direct marketing purposes
4. Cookie Information: Details about website cookies and similar technologies, required when the organization operates websites or apps
5. Children's Data: Special provisions for processing children's personal data, required when services are offered to children
6. CCTV Monitoring: Specific information about video surveillance, required when CCTV systems are in use
7. Biometric Data Processing: Additional information required when processing biometric data for identification purposes
1. Schedule 1 - Detailed Processing Activities: Comprehensive list of specific processing activities, including purposes, data categories, and retention periods
2. Schedule 2 - Third Party Processors: List of data processors, their locations, and the processing activities they perform
3. Schedule 3 - Technical and Organizational Measures: Description of security measures implemented to protect personal data
4. Schedule 4 - Cookie List: Detailed list of cookies used, their purposes, and duration
5. Schedule 5 - International Transfer Mechanisms: Details of transfer mechanisms used for international data transfers, including Standard Contractual Clauses or adequacy decisions
Authors
Relevant legal definitions
Personal Data
Processing
Data Subject
Data Controller
Data Processor
Special Categories of Personal Data
Consent
Legitimate Interest
Data Protection Officer
Supervisory Authority
Datatilsynet
Third Party
Recipient
Filing System
Profiling
Pseudonymization
Data Minimization
Cross-border Processing
International Transfer
Data Protection Impact Assessment
Binding Corporate Rules
Standard Contractual Clauses
Automated Decision-Making
Joint Controllers
Cookie
Log Data
Technical and Organizational Measures
Data Breach
Right of Access
Right to Rectification
Right to Erasure
Right to Data Portability
Privacy Notice
Data Protection Legislation
Processing
Data Subject
Data Controller
Data Processor
Special Categories of Personal Data
Consent
Legitimate Interest
Data Protection Officer
Supervisory Authority
Datatilsynet
Third Party
Recipient
Filing System
Profiling
Pseudonymization
Data Minimization
Cross-border Processing
International Transfer
Data Protection Impact Assessment
Binding Corporate Rules
Standard Contractual Clauses
Automated Decision-Making
Joint Controllers
Cookie
Log Data
Technical and Organizational Measures
Data Breach
Right of Access
Right to Rectification
Right to Erasure
Right to Data Portability
Privacy Notice
Data Protection Legislation
Clauses
Controller Identity
Data Protection Officer Contact
Purpose Specification
Legal Basis
Data Categories
Data Recipients
Data Transfers
Retention Period
Data Subject Rights
Withdrawal of Consent
Complaint Rights
Automated Decision Making
Data Security
Data Sharing
International Transfers
Cookie Usage
Marketing Communications
Data Collection Methods
Mandatory Information
Children's Privacy
Updates to Notice
Contact Information
Breach Notification
Special Categories Processing
Legitimate Interests
Third Party Processing
Data Protection Measures
Record Keeping
Employee Monitoring
CCTV Recording
Data Protection Officer Contact
Purpose Specification
Legal Basis
Data Categories
Data Recipients
Data Transfers
Retention Period
Data Subject Rights
Withdrawal of Consent
Complaint Rights
Automated Decision Making
Data Security
Data Sharing
International Transfers
Cookie Usage
Marketing Communications
Data Collection Methods
Mandatory Information
Children's Privacy
Updates to Notice
Contact Information
Breach Notification
Special Categories Processing
Legitimate Interests
Third Party Processing
Data Protection Measures
Record Keeping
Employee Monitoring
CCTV Recording
Relevant Industries
Financial Services
Healthcare
Retail
Technology
Education
Manufacturing
Professional Services
Public Sector
Telecommunications
E-commerce
Human Resources
Insurance
Real Estate
Transportation
Hospitality
Relevant Teams
Legal
Compliance
Data Protection
Information Security
Risk Management
Human Resources
Information Technology
Privacy Office
Governance
Operations
Relevant Roles
Data Protection Officer
Privacy Manager
Compliance Officer
Legal Counsel
IT Security Manager
Risk Manager
HR Director
Information Security Officer
Chief Privacy Officer
Chief Legal Officer
Chief Compliance Officer
Data Protection Specialist
Privacy Analyst
Compliance Manager
Information Governance Manager
Find the exact document you need
Policy Notice
A Danish law-compliant privacy and data protection policy document outlining an organization's personal data handling practices under Danish and EU regulations.
find out more
Notice Of Personal Data Processing
A mandatory privacy notice under Danish law and GDPR that informs individuals about how their personal data is processed.
find out more
Privacy Information Notice
A mandatory document under Danish law and GDPR that explains how an organization handles personal data and protects individual privacy rights.
find out more
Data Privacy Notice
A GDPR-compliant Data Privacy Notice for use in Denmark, outlining how organizations handle personal data in accordance with Danish and EU privacy laws.
find out more
Cctv Privacy Notice
A Danish law-compliant privacy notice explaining CCTV surveillance practices and data subject rights under GDPR and Danish data protection legislation.
find out more
Personal Data Protection Notice
A mandatory privacy notice under Danish law and GDPR that explains how an organization handles personal data and individuals' privacy rights.
find out more
Standard Privacy Notice
A GDPR-compliant privacy notice under Danish law that explains how an organization processes personal data and protects individual privacy rights.
find out more
Staff Privacy Notice
A mandatory privacy notice under Danish law and GDPR that informs employees about how their personal data is collected, used, and protected.
find out more
External Privacy Notice
A GDPR-compliant External Privacy Notice under Danish law that explains how an organization handles personal data of external stakeholders.
find out more
Applicant Privacy Notice
A GDPR-compliant privacy notice for job applicants in Denmark, outlining how their personal data is handled during recruitment.
find out more
Data Processing Notice
GDPR-compliant Data Processing Notice under Danish law, informing data subjects about the processing of their personal data.
find out more
Employee Privacy Notice
A Danish law-compliant privacy notice explaining how an organization handles employee personal data in accordance with GDPR and local requirements.
find out more
Download our whitepaper on the future of AI in Legal
By providing your email address you are consenting to our Privacy Notice.
Genie’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; Genie’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
Our bank-grade security infrastructure undergoes regular external audits
We are ISO27001 certified, so your data is secure
Organizational security
You retain IP ownership of your documents
You have full control over your data and who gets to see it
Innovation in privacy:
Genie partnered with the Computational Privacy Department at Imperial College London
Together, we ran a £1 million research project on privacy and anonymity in legal contracts
Want to know more?
Visit our Trust Centre for more details and real-time security updates.
Read our Privacy Policy.