Research & Planning
Review more in depth guidance from trusted sources and plan out what you will need to do. One way which is required if you collect risky data or have over 250 employees, but optional otherwise, is to complete this assessment. Although likely optional for a small community it can still help you to plan out what you might need to do next.
Create Privacy Policy
Your privacy policy must be very clear and transparent. When it is complete, place a link to it in an obvious location and as a best practice near things like forms. The link should simply read, “Privacy Policy,” because that’s very clear. You will find policy generators and templates by doing a quick search online. Make sure the privacy policy explains what data you collect, why, and be sure there is justification, or legitimate reasons for collecting that data. Be sure to include:
Create Terms of Service
This isn’t 100% GDPR related but it goes along with it. Plus, this is a checklist for small communities such as Internet forums where Terms are very necessary. So, this is your reminder to create this documentation as well. This is different from data privacy. It’s about the rules of your community such as, no profanity allowed.