*Note, this article walks through a privacy worksheet assuming you will be acting as a controller. For more information on the processor privacy worksheet, please refer to How do I use launches as a data processor?
The privacy worksheet is an expanded question-and-answer interface that helps privacy managers evaluate and document how each launch uses data. When a launch requires a privacy worksheet, TerraTrue will use the Data Spec and your past launches to create a custom sequence of questions to gather insights about the projects and data practices associated with launch. Once a Privacy Manager completes the worksheet, we provide them with a list of recommended actions, solutions, and safeguards. TerraTrue learns from your privacy worksheets, so they'll get faster and smarter the more you use them.
Which laws does the privacy worksheet cover?
The privacy worksheet is designed for global privacy-by-design programs, but can also support region-specific laws. TerraTrue offers a growing range of privacy modules with dedicated workflows and detailed recommendations for specific laws — like CCPA/CPRA, GDPR, CPA, VCDPA, CTDPA, TDPSA, and UCPA. If you've enabled our GDPR module, for instance, you can document your bases for processing and we'll automatically identify when part of a launch requires a data protection impact assessment. You can enable modules in your org settings and, if you have specific privacy needs we don't cover, you can always create a custom workflow. If you'd like more information about how the privacy worksheet is designed, contact us.
Completing the privacy worksheet
Once the Data Spec is complete, you can begin the privacy worksheet by clicking Start on the Privacy Worksheet accordion on the launch summary's activity tab under the Review section.
If the Data Spec changes while you're working on the privacy worksheet, we'll let you know how it changed and what to do next. You can also lock the Data Spec to prevent further changes.
The first page of the privacy worksheet provides a quick overview of how the launch uses data. If you see anything that doesn't seem right — like an overly long retention period for a sensitive piece of data — you can make inline changes using the Edit button. We'll notify the person who completed the Data Spec that they'll need to revisit their work.
After the first page, the privacy worksheet changes based on which modules you've enabled, the contents of the Data Spec, and any prior answers in the privacy worksheet. If you're stuck on any of the pages, contact us or reach out to your customer success representative. For help completing DPIAs, LIAs, and PIAs in the privacy worksheet, visit our article on privacy assessments.
Using recommendations
On the last page of the privacy worksheet, we provide a set of recommendations sorted by priority. Each recommendation has a checkbox you can use to track your progress. You can save the privacy worksheet and revisit these recommendations at any time.
If you see issues you'd like to discuss with your product teams after completing the privacy worksheet, tag them in a comment or message them with our Slack integration. The recommendations can only be viewed by users with the privacy worksheet viewer or editor permissions.
When you're satisfied with your review of a launch, you can mark your review status as Complete on the launch summary page. We'll notify the launch creator, create downloadable PDFs of any privacy assessments you've completed, and add the launch's information to Privacy Central.