This document has also been written with the UK GDPR in mind, covering important points such as details of data subjects' rights, information on the retention of personal data (i.e. for how long it will be kept), data subject access requests, and controls and/or consent for cookies and related technologies.
This document has been updated for compatibility with the UK GDPR. It is ready for use from the start of 2021.
This document has been designed for general application, however please note that you may require specific legal advice if you deal with ‘special category’ (aka ‘sensitive’) personal data, data relating to criminal convictions, or children’s personal data as additional measures may be required.
When providing details of the personal data that you collect and how you collect it, both detail and user-friendliness are important. Using impenetrable tech jargon will not serve you well here. It is also important to note that, where data is sourced from a third party, you specify what type of organisation that third party is (e.g. its industry or sector, and whether it is private or public). It may also be helpful to indicate whether the source is inside or outside the UK. Provide as much detail here as is commercially reasonable.
A further important point to note relates to your data security arrangements. Users should be able to understand what you are doing to keep their personal data safe. When setting out measures such as encryption, ensuring on-going confidentiality, and recovering data in the event of loss, be sure to use user-friendly language.
Finally, it is important to note that the provisions included in this template are broad and will not necessarily apply to all websites. When completing this template, ensure that your policy accurately reflects your actual use of personal data and associated procedures.
Optional phrases / clauses are enclosed in square brackets. These should be read carefully and selected so as to be compatible with one another. Unused options should be removed from the document.
1. Definitions and Interpretation
2. Information About [Us] OR [Me]
3. What Does This Policy Cover?
4. What Is Personal Data?
5. What Are My Rights?
6. What Data Do You Collect and How?
7. How Do You Use My Personal Data?
8. How Long Will You Keep My Personal Data?
9. How and Where Do You Store or Transfer My Personal Data?
10. Do You Share My Personal Data?
11. How Can I Control My Personal Data?
12. Can I Withhold Information?
13. How Can I Access My Personal Data?
15. How Do I Contact You?
Once you have purchased access to the appropriate document folder click on the “Download Document” link below. You will be asked what you want to do with the file. It is recommended that you save the document to a location of your choice prior to viewing.