Which of the following elements MUST a compliant EU-US Safe Harbor Privacy Policy contain?

A.
An explanation of how long the data subject’s collected information will be retained for and how
it will be eventually disposed.

B.
An explanation of who can be contacted at the organization collecting the information if
corrections are required by the data subject.

C.
An explanation of the regulatory frameworks and compliance standards the information collecting
organization adheres to.

D.
An explanation of all the technologies employed by the collecting organization in gathering
information on the data subject.