GRI 418: Customer Privacy 2016 sets out reporting requirements on the topic of customer privacy. This Standard can be used by an organization of any size, type, sector or geographic location that wants to report on its impacts related to this topic.
This version was updated as of 27 June 2017 to fix minor translations errors. See errata (27 June 2017).
In the context of the GRI Standards, the social dimension of sustainability concerns an organization’s impacts on the social systems within which it operates.
GRI 418 addresses the topic of customer privacy, including losses of customer data and breaches of customer privacy. These can result from non-compliance with existing laws, regulations and/or other voluntary standards regarding the protection of customer privacy.
These concepts are covered in key instruments of the Organisation for Economic Co-operation and Development: see the References section of this Standard.
The disclosures in this Standard can provide information about an organization’s impacts related to customer privacy, and how it manages them.
Effective date: 1 July 2018
Earlier adoption is encouraged.
GRI 418: Customer Privacy
1. Management approach disclosures
2. Topic-specific disclosures
Disclosure 418-1 Substantiated complaints regarding concerning breaches of customer privacy and losses of customer data