- That they are concise, transparent, intelligible and easily accessible.
- They need to be written in clear and plain language, particularly if addressed to a child.
- Needs to be free of charge.
- The purpose and legal basis of the processing of personal data.
- Contact details for the Data Controller for any queries.
- Whether there is any automated decision making and profiling and the reason for this.