Not only is transparency the latest trend in data processing, but in some cases, it is also required by law. Article 13(1)(e) of the General Data Protection Regulation (GDPR) states that data controllers – that is, anyone who owns a website, online business, or mobile app – must provide users with information regarding:
the recipients or categories of recipients of the personal data, if any
This means that you must disclose the names of the third-party service providers with whom you share data — actively or passively — or the categories those service providers fall under.
Article 30(1)(d) of the GDPR also states that data controllers must maintain a record of their processing activities, including:
the categories of recipients to whom the personal data have been or will be disclosed including recipients in third countries or international organisations
This means that whether or not you discontinue use of a third-party service, you still need to be able to provide a record that you have used that service.
Fortunately, with this latest Termly update, users — both new and current — can easily comply with both of these GDPR stipulations and achieve a level of transparency that will give your users peace of mind.
If you’re feeling overwhelmed by the extensive requirements of the GDPR, check out our What is GDPR? guide for a clear introduction to this new privacy law’s key concepts.