Create a bespoke document in minutes, or upload and review your own.
Get your first 2 documents free
Your data doesn't train Genie's AI
You keep IP ownership of your information
Privacy Notice
I need a privacy notice that clearly outlines how personal data is collected, used, and stored for users of our mobile application, ensuring compliance with Canadian privacy laws and including information on user rights and data protection measures.
What is a Privacy Notice?
A Privacy Notice tells people how your organization collects, uses, and protects their personal information. It's a key document required under Canadian privacy laws like PIPEDA, laying out your data handling practices in clear, accessible language.
The notice explains what data you gather, why you need it, who you share it with, and how long you keep it. It also outlines people's rights to access their information and spells out your security measures. Most Canadian businesses display their Privacy Notice on their website and share it when collecting personal details from customers or employees.
When should you use a Privacy Notice?
Use a Privacy Notice whenever you start collecting personal information from Canadians. This includes launching a new website, rolling out customer surveys, setting up employee records, or adding data collection features to your business operations.
Key times to update your Privacy Notice include expanding into new provinces, changing how you handle data, or working with new third-party service providers. PIPEDA requires clear disclosure before collecting information, so having your notice ready before launching new initiatives helps avoid compliance issues and builds trust with your customers, employees, and partners.
What are the different types of Privacy Notice?
- Standard Privacy Notice: Basic template suitable for most businesses, covering essential PIPEDA requirements and common data practices
- Company Privacy Notice: Focused on employee data handling, workplace surveillance, and internal privacy policies
- Privacy Disclosure Notice: Detailed version for financial services and organizations sharing data with third parties
- Care Home Privacy Notice: Specialized for healthcare settings, addressing sensitive medical information and resident rights
- Client Privacy Notice: Tailored for professional services firms handling confidential client information
Who should typically use a Privacy Notice?
- Privacy Officers: Draft and maintain the Privacy Notice, ensure compliance with PIPEDA, and handle data protection inquiries
- Business Owners: Responsible for implementing privacy policies and ensuring staff follow data handling procedures
- Legal Counsel: Review and update notices to meet regulatory requirements and minimize legal risks
- IT Teams: Implement technical measures described in the notice and maintain data security systems
- Customers and Employees: Main subjects of data collection who rely on the notice to understand their privacy rights
- Third-Party Vendors: Must comply with privacy requirements when handling data on behalf of the organization
How do you write a Privacy Notice?
- Map Data Flows: Document all personal information your organization collects, uses, and shares
- Review Operations: List your data storage locations, security measures, and retention periods
- Check Third Parties: Identify all service providers who handle personal information on your behalf
- Define Purpose: Clearly explain why you collect each type of personal information
- Consider Access: Plan how individuals can view and correct their personal information
- Use Our Platform: Generate a legally-sound Privacy Notice that includes all PIPEDA requirements
- Internal Review: Have key stakeholders verify accuracy of operational details before finalizing
What should be included in a Privacy Notice?
- Contact Information: Name and details of your privacy officer or responsible person
- Data Collection: Types of personal information collected and purposes for collection
- Consent Statement: How you obtain and manage user consent for data collection
- Data Usage: How personal information is used, stored, and protected
- Information Sharing: Third parties who may access the data and why
- Access Rights: How individuals can view, correct, or challenge their data
- Data Retention: How long information is kept and disposal methods
- Cross-border Transfer: Details about data movement outside Canada
- Updates Process: How changes to the privacy notice are communicated
What's the difference between a Privacy Notice and a Privacy Policy?
A Privacy Notice is often confused with a Privacy Policy, but they serve different purposes under Canadian privacy law. While both deal with personal information handling, their scope and application differ significantly.
- Audience and Style: Privacy Notices are shorter, customer-facing documents written in plain language to inform individuals about data collection, while Privacy Policies are more detailed internal documents that guide company procedures
- Legal Requirements: PIPEDA mandates Privacy Notices for direct communication with data subjects, whereas Privacy Policies fulfill broader organizational compliance obligations
- Content Focus: Notices explain specific data collection instances and individual rights, while Policies cover comprehensive data governance frameworks and internal procedures
- Timing of Use: Notices are provided at or before data collection points, while Policies serve as ongoing reference documents for business operations
Download our whitepaper on the future of AI in Legal
ұԾ’s Security Promise
Genie is the safest place to draft. Here’s how we prioritise your privacy and security.
Your documents are private:
We do not train on your data; ұԾ’s AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
Our bank-grade security infrastructure undergoes regular external audits
We are ISO27001 certified, so your data is secure
Organizational security
You retain IP ownership of your documents
You have full control over your data and who gets to see it
Innovation in privacy:
Genie partnered with the Computational Privacy Department at Imperial College London
Together, we ran a £1 million research project on privacy and anonymity in legal contracts
Want to know more?
Visit our for more details and real-time security updates.
Read our Privacy Policy.