GDPR Privacy Notice (Policy) Template

GDPR Privacy Notice Template


This Privacy Notice (sometimes referred to as Privacy Policy) template is designed to provide important information about your use of personal data to data subjects, as required by the GDPR.

This template is very similar to our website privacy policies , but it is designed primarily for use offline (or at least with offline data collection).

One of the most important rights under the GDPR is the right to be informed. This means that data subjects (e.g. customers) should be told:

· What personal data you hold about them

· What you use that data for

· The legal basis (i.e. grounds) for using it

· How long you will hold it

· Whether you will share the data (and with whom)

Information should also be provided about data subjects’ rights including the right of access and the right to withdraw consent (if applicable).

If personal data is collected directly from the data subjects themselves, this information should be provided at the time the data is collected. If it is collected from a third party, data subjects should be informed within a month, when you first communicate with the data subject, or when you disclose the data to someone else – whichever comes first.

Important points to note:

· You must explain the lawful basis you are relying on for your processing. In some cases, this will be clear from your purpose. In other cases, you should state it explicitly. This should be provided in Part 6 of the notice where you tell people what you use their data for.

· If you are relying on the ‘legitimate interests’ ground for using personal data, again, this may be clear from your listed purposes, or you may need to explain it more explicitly - again, Part 6 is the place to do this.

· If individuals are under a contractual or statutory obligation to provide their personal data, this must be explained. The template does not directly cover this, but if you do require this, it must be stated clearly.

· Always use clear, user-friendly language in your details to make the notice as accessible as possible.

If personal data is to be transferred outside of the EEA, options have been included in this template to describe the measure(s) in place. Links to additional information from the European Commission are provided in the document. If this document is to be used offline (e.g. printed), those links should be displayed in full to enable individuals to access the Commission's information.

Optional phrases / clauses are enclosed in square brackets. These should be read carefully and selected so as to be compatible with one another. Unused options should be removed from the document.

This Privacy Notice contains the following parts:
1. Information About [Us] OR [Me]
2. What Does This Notice Cover?
3. What is Personal Data?
4. What Are My Rights?
5. What Personal Data Do You Collect?
6. How Do You Use My Personal Data?
7. How Long Will You Keep My Personal Data?
8. How and Where Do You Store or Transfer My Personal Data?
9. Do You Share My Personal Data?
10. How Can I Access My Personal Data?
11. How Do I Contact You?
12. Changes to this Privacy Notice

This Privacy Notice is in open format. Either enter the requisite details in the highlighted fields or adjust the wording to suit your purposes.

Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.