What is a data protection policy and why do I need one?
Data protection policies disclose how a business protects personal data to abide by data protection laws. The policy contains the principles, lawful basis and individuals rights that organisations need to comply with. You must have a data protection policy if your business stores or uses personal data, this includes information about staff and customers.
What does this policy cover?
This policy details the requirements of data protection legislation and sets out good practice for compliance. The policy covers your approach to data protection, how you ensure lawful processing and data minimisation, how policies apply to your business, the rights of data subjects, how you demonstrate accountability and training protocols for handling personal data.
Is this policy right for you?
This data protection policy is right for you is you are a UK business who collects personal data.
How do I adapt the template to my business?
The template is accompanied by a written guideline and a video explaining how to adapt the policy to your specific needs, including the information that can be changed. If you require additional assistance, you can contact one of the team via email for support and guidance.