https://github.com/Transparency-Information-Language/schemaThis schema defines the Transparency Information Language
object (Root schema of a Transparency Information Language)
{
"meta": {
"_id": "f1424f86-ca0f-4f0c-9438-43cc00509931",
"name": "Green Company",
"created": "2020-04-03T15:53:05.929588",
"modified": "2020-04-03T15: 53: 05.929588",
"version": 2,
"language": "de",
"status": "active",
"url": "https://green-bikes.de/privacy",
"_hash": "d732a793562a3e5dc57645a8"
},
"controller": {
"name": "Green Company AG",
"division": "Product line e-mobility",
"address": "Wolfsburger Ring 2, 38440 Berlin",
"country": "DE",
"representative": {
"name": "Jane Super",
"email": "[email protected]",
"phone": "0049 151 1234 5678"
}
},
"dataProtectionOfficer": {
"name": "Jane Super",
"address": "Wolfsburger Ring 2, 38440 Berlin",
"country": "DE",
"email": "[email protected]",
"phone": "0049 151 1234 5678"
},
"dataDisclosed": [
{
"_id": "f1424f86-ca0f-4f0c-9438-43cc00509931",
"category": "E-mail address",
"purposes": [
{
"purpose": "Marketing",
"description": "Newsletter will be sent out once a month."
}
],
"legalBases": [
{
"reference": "GDPR-99-1-a",
"description": "The data are processed on the basis of Art. 99 GDPR which states..."
},
{
"reference": "BDSG-42-5",
"description": "BDSG-42-5 refers to the processing of personal data within..."
}
],
"legitimateInterests": [
{
"exists": true,
"reasoning": "There is an legitimate interest based on ... and is not overwritten because ..."
}
],
"recipients": [
{
"name": "Yellow Company AG",
"division": "Product line e-mobility",
"address": "Triana 123, 9999 Seville",
"country": "ES",
"representative": {
"name": "Jane Super",
"email": "[email protected]",
"phone": "0049 151 1234 9876"
},
"category": "Marketing content provider"
},
{
"category": "Responsible Statistical Institutes"
}
],
"storage": [
{
"temporal": [
{
"description": "Creating backups.",
"ttl": "2005-08-09T18:31:42P3Y6M4DT12H30M17S"
},
{
"description": "Finishing ordering process.",
"ttl": "2020-08-09T18:31:42P3Y6M4DT12H30M17S"
}
],
"purposeConditional": [
"Data is stored until the end of the ordering process."
],
"legalBasisConditional": [
"SGB-100-42"
],
"aggregationFunction": "max"
}
],
"nonDisclosure": {
"legalRequirement": false,
"contractualRegulation": false,
"obligationToProvide": false,
"consequences": "If the data is not disclosed, the shipment cannot be delivered."
}
}
],
"thirdCountryTransfers": [
{
"country": "ES",
"adequacyDecision": {
"available": true,
"description": "An adequacy decision was made on the 23rd April 2020 by..."
},
"appropriateGuarantees": {
"available": true,
"description": "Here the appropriate guarantee was formulated by..."
},
"presenceOfEnforceableRightsAndEffectiveRemedies": {
"available": true,
"description": "These rights are given because of..."
},
"standardDataProtectionClause": {
"available": true,
"description": "The standard data protection clause which applies here can be found here: ..."
}
}
],
"accessAndDataPortability": {
"available": true,
"description": "Data access is possible through...",
"url": "https://green-bikes.de/access",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
],
"administrativeFee": {
"amount": 0,
"currency": "EUR"
},
"dataFormat": "json"
},
"sources": [
{
"_id": "f1423cc00509931",
"dataCategory": "Creditworthiness",
"sources": [
{
"description": "This information could be retrieved from...",
"url": "https://blueCompany.org",
"publiclyAvailable": false
}
]
}
],
"rightToInformation": {
"available": true,
"description": "For the right to information please use this contact form and...",
"url": "https://greencompany.org/rightToInformation",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
]
},
"rightToRectificationOrDeletion": {
"available": true,
"description": "For the right to rectification please use this contact form and...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
]
},
"rightToDataPortability": {
"available": false,
"description": "Data portability is only possible when...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy"
]
},
"rightToWithdrawConsent": {
"available": true,
"description": "For the right to withdraw consent please use this contact form and...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"Email verification"
]
},
"rightToComplain": {
"available": true,
"description": "For the right to complain please use this contact form and...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
],
"supervisoryAuthority": {
"name": "Commissioner for Data Protection",
"address": "Friedrichstrasse 219, 10969 Berlin",
"country": "DE",
"email": "[email protected]",
"phone": "0049 444 222 111"
}
},
"automatedDecisionMaking": {
"inUse": true,
"logicInvolved": "The personal data are processed as follows...",
"scopeAndIntendedEffects": "From processing follows..."
},
"changesOfPurpose": [
{
"description": "Due to techncial requirements...",
"affectedDataCategories": [
"Email adress",
"Credit score"
],
"plannedDateOfChange": "2020-08-20",
"urlOfNewVersion": "https://greencomp.de/privacypolicy/2"
}
]
}Meta information for the identification and verification of the document.
meta
- is required
- Type:
object(Meta) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (Meta)
{
"_id": "f1424f86-ca0f-4f0c-9438-43cc00509931",
"name": "Green Company",
"created": "2020-04-03T15:53:05.929588",
"modified": "2020-04-03T15: 53: 05.929588",
"version": 2,
"language": "de",
"status": "active",
"url": "https://green-bikes.de/privacy",
"_hash": "d732a793562a3e5dc57645a8"
}The responsible controller is defined in here.
controller
- is required
- Type:
object(Controller) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (Controller)
{
"name": "Green Company AG",
"division": "Product line e-mobility",
"address": "Wolfsburger Ring 2, 38440 Berlin",
"country": "DE",
"representative": {
"name": "Jane Super",
"email": "[email protected]",
"phone": "0049 151 1234 5678"
}
}The Data Protection Officer (DPO) of the controller.
dataProtectionOfficer
- is required
- Type:
object(DataProtectionOfficer) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (DataProtectionOfficer)
{
"name": "Jane Super",
"address": "Wolfsburger Ring 2, 38440 Berlin",
"country": "DE",
"email": "[email protected]",
"phone": "0049 151 1234 5678"
}A detailed explanation about which data is disclosed in the processing tasks.
dataDisclosed
- is required
- Type: an array of merged types (Details)
- cannot be null
- defined in: Root schema of a Transparency Information Language
an array of merged types (Details)
[
{
"_id": "f1424f86-ca0f-4f0c-9438-43cc00509931",
"category": "E-mail address",
"purposes": [
{
"purpose": "Marketing",
"description": "Newsletter will be sent out once a month."
}
],
"legalBases": [
{
"reference": "GDPR-99-1-a",
"description": "The data are processed on the basis of Art. 99 GDPR which states..."
},
{
"reference": "BDSG-42-5",
"description": "BDSG-42-5 refers to the processing of personal data within..."
}
],
"legitimateInterests": [
{
"exists": true,
"reasoning": "There is an legitimate interest based on ... and is not overwritten because ..."
}
],
"recipients": [
{
"name": "Yellow Company AG",
"division": "Product line e-mobility",
"address": "Triana 123, 9999 Seville",
"country": "ES",
"representative": {
"name": "Jane Super",
"email": "[email protected]",
"phone": "0049 151 1234 9876"
},
"category": "Marketing content provider"
},
{
"category": "Responsible Statistical Institutes"
}
],
"storage": [
{
"temporal": [
{
"description": "Creating backups.",
"ttl": "2005-08-09T18:31:42P3Y6M4DT12H30M17S"
},
{
"description": "Finishing ordering process.",
"ttl": "2020-07-12T18:31:42P3Y6M4DT12H30M17S"
}
],
"purposeConditional": [
"Data is stored until the end of the ordering process."
],
"legalBasisConditional": [
"SGB-100-42"
],
"aggregationFunction": "max"
}
],
"nonDisclosure": {
"legalRequirement": false,
"contractualRegulation": false,
"obligationToProvide": false,
"consequences": "If the data is not disclosed, the shipment cannot be delivered."
}
}
]This schema refers to the adequacy decisions of any third country transfers.
thirdCountryTransfers
- is required
- Type: an array of merged types (Details)
- cannot be null
- defined in: Root schema of a Transparency Information Language
an array of merged types (Details)
[
{
"country": "ES",
"adequacyDecision": {
"available": true,
"description": "An adequacy decision was made on the 23rd April 2020 by..."
},
"appropriateGuarantees": {
"available": true,
"description": "Here the appropriate guarantee was formulated by..."
},
"presenceOfEnforceableRightsAndEffectiveRemedies": {
"available": true,
"description": "These rights are given because of..."
},
"standardDataProtectionClause": {
"available": true,
"description": "The standard data protection clause which applies here can be found here: ..."
}
}
]Defining the right to access and data portability.
accessAndDataPortability
- is required
- Type:
object(AccessAndDataPortability) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (AccessAndDataPortability)
{
"available": true,
"description": "Data access is possible through...",
"url": "https://green-bikes.de/access",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
],
"administrativeFee": {
"amount": 0,
"currency": "EUR"
},
"dataFormat": "json"
}This duty to provide information is limited to the collection of personal data that does not take place from the data subject (Art. 14).
sources
- is required
- Type: an array of merged types (Details)
- cannot be null
- defined in: Root schema of a Transparency Information Language
an array of merged types (Details)
[
{
"_id": "f1423cc00509931",
"dataCategory": "Creditworthiness",
"sources": [
{
"description": "This information could be retrieved from...",
"url": "https://blueCompany.org",
"publiclyAvailable": false
}
]
}
]Refers to the right of information.
rightToInformation
- is required
- Type:
object(RightToInformation) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (RightToInformation)
{
"available": true,
"description": "For the right to information please use this contact form and...",
"url": "https://greencompany.org/rightToInformation",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
]
}This schema refers to the right to rectification or deletion (Art. 16 GDPR).
rightToRectificationOrDeletion
- is required
- Type:
object(RightToRectificationOrDeletion) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (RightToRectificationOrDeletion)
{
"available": true,
"description": "For the right to rectification please use this contact form and...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
]
}The right to data portability as stated in Art. 20 GDPR.
rightToDataPortability
- is required
- Type:
object(RightToDataPortability) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (RightToDataPortability)
{
"available": true,
"description": "Data portability is only possible when...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy"
]
}This schema refers to the right to withdraw consent.
rightToWithdrawConsent
- is required
- Type:
object(RightToWithdrawConsent) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (RightToWithdrawConsent)
{
"available": true,
"description": "For the right to withdraw consent please use this contact form and...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"Email verification"
]
}This schema refers to the right to complain.
rightToComplain
- is required
- Type:
object(RightToComplain) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (RightToComplain)
{
"available": true,
"description": "For the right to complain please use this contact form and...",
"url": "https://greencompany.org/rights",
"email": "[email protected]",
"identificationEvidences": [
"ID card copy",
"Email verification"
],
"supervisoryAuthority": {
"name": "Commissioner for Data Protection",
"address": "Friedrichstrasse 219, 10969 Berlin",
"country": "DE",
"email": "[email protected]",
"phone": "0049 444 222 111"
}
}Automated decision making and potentially involved logic. Does include profiling.
automatedDecisionMaking
- is required
- Type:
object(AutomatedDecisionMaking) - cannot be null
- defined in: Root schema of a Transparency Information Language
object (AutomatedDecisionMaking)
{
"inUse": true,
"logicInvolved": "The personal data are processed as follows...",
"scopeAndIntendedEffects": "From processing follows..."
}Notification of change of purpose.
changesOfPurpose
- is required
- Type: an array of merged types (Details)
- cannot be null
- defined in: Root schema of a Transparency Information Language
an array of merged types (Details)
[
{
"description": "Due to technical requirements...",
"affectedDataCategories": [
"Email adress",
"Credit score"
],
"plannedDateOfChange": "2020-08-20",
"urlOfNewVersion": "https://greencomp.de/privacypolicy/2"
}
]Additional properties are allowed and do not have to follow a specific schema