🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays 🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays 🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays 🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays
Call us on +(33)4 28 70 91 81
Log in

Article 12 of the GDPR: Transparency of information and communications

Home GDPR articles decrypted Article 12 of the GDPR: Transparency of information and communications

Article 12 of the GDPR requires data controllers to ensure clear, accessible and understandable communication with data subjects regarding their personal data. It defines the terms and conditions for exercising rights and the transparency requirements.

Article 12 of the GDPR explained

  • Provide clear and understandable information on data processing (articles 13 and 14),
  • Allow people to exercise their rights (access, rectification, erasure, etc.) in a simple way,
  • Respond within one month, extendable by two months in case of complexity,
  • Inform free of charge, except in the event of manifestly unfounded or excessive requests.

This must be done electronically where appropriate, and responses must be accessible to all audiences, including vulnerable people.

Why is this article important for your GDPR compliance?

This article is fundamental because it reflects the principle of transparency, a pillar of the GDPR. It conditions user trust, legal compliance and the effectiveness of the exercise of rights. Failure to respond or incomplete information may result in sanctions from supervisory authorities.

How to comply with Article 12 of the GDPR?

  • Write clear and concise information in your privacy policies, legal notices, forms, etc.
  • Set up an internal procedure for managing people's rights (DPO or referent).
  • Document requests received and responses provided within legal deadlines.
  • Provide a simple and free electronic or postal channel to enable the exercise of these rights.

Examples of application of Article 12 of the GDPR

  • A company allows users to modify or delete their data via an online form, with a response within 30 days.
  • An association integrates a transparency charter written in simplified language for young audiences.
  • An organization responds to an access right request by email with a PDF file listing the processed data.

Related Resources

Accelerate your compliance in just a few clicks

With our all-in-one solution, you can accelerate and ensure compliance easily:

  • Automate your compliance with our GDPR software
  • Supported or outsourced by our DPO experts
  • Raise awareness among your teams with our GDPR training e-learning

👉 Request a demo with an expert

⚡ Assess your situation in 15 minutes with our free, no-obligation GDPR self-diagnosis.
👉 GDPR: Self-assess now

Other articles
on the same subject