> For the complete documentation index, see [llms.txt](https://docs.pakk.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.pakk.io/websites/gdpr-privacy-and-cookies/gdpr.md).

# GDPR

### GDPR Privacy Policy requirements <a href="#gdpr-privacy-policy-requirements" id="gdpr-privacy-policy-requirements"></a>

* Concise, transparent, intelligible, and easily accessible form
* Written in clear and plain language, particularly for any information addressed specifically to a child
* Delivered in a timely manner
* Provided free of charge

### What must be shared <a href="#what-must-be-shared" id="what-must-be-shared"></a>

* The identity and contact details of the organization, its representative, and its Data Protection Officer
* The purpose for the organization to process an individual’s personal data and its legal basis
* The legitimate interests of the organization (or third party, where applicable)
* Any recipient or categories of recipients of an individual’s data
* The details regarding any transfer of personal data to a third country and the safeguards taken
* The retention period or criteria used to determine the retention period of the data
* The existence of each data subject’s rights
* The right to withdraw consent at any time (where relevant)
* The right to lodge a complaint with a supervisory authority
* Whether the provision of personal data is part of a statutory or contractual requirement or obligation and the possible consequences of failing to provide the personal data
* The existence of an automated decision-making system, including profiling, and information about how this system has been set up, the significance, and the consequences

As you can see, creating a GDPR-compliant *Privacy Policy* for most e-commerce businesses could be quite a headache - it would involve wading through technical documentation about how your e-commerce platform and connected systems work, in order to try to understand the data flows, which would likely run into the hundreds.

### Pakk simplifies privacy <a href="#pakk-simplifies-privacy" id="pakk-simplifies-privacy"></a>

With Pakk, the situation is much simpler. Firstly, due to the fact that Pakk is architected as a "one-stop-shop" commerce platform, data is much more centralised and there are far fewer data flows to external sources than in a standard *e-commerce platform + plugins + api integrations* setup. Secondly, because Pakk is *configurable, not customiseable*, the system already knows where customer data is kept, processed and shared. With this in mind, it should be obvious that **Pakk can write your Privacy Policy** for you. In fact, it does. Pakk uses its knowledge of the settings in your account and the configuration of the website to autogenerate a Privacy Policy and link to it in easily discoverable places. We might need you to fill in a few more details, for completeness sake, but essentially, the platform can generate 90% of the text in order to fulfil the above requirements. Obviously, this is all translatable to any Pakk language too.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.pakk.io/websites/gdpr-privacy-and-cookies/gdpr.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
