Data Protection Policies
Other policies will be internal, designed to educate and inform everyone within your organisation about the rules which apply to their work. A data protection policy is one such internal policy.
A data protection policy should set out the principles and obligations governing your business’s use of personal data, explaining what data is collected, what for, how it is used, the technical and organisational measures for protecting it when it is being processed, stored, transferred, and so on.
Document Templates Available
We offer a range of different Data Protection Policy templates:
- Our Standard Data Protection Policy is broad in application and well-suited to many types of personal data, including that relating to customers and business contacts such as contractors and suppliers. It is highly detailed and reproduces key parts of the UK GDPR to assist in training and awareness.
- We also offer a Short Form Data Protection Policy. This follows the same basic structure as the standard policy described above, but certain sections are simplified and refer to separate policies for more detail.
- The past year has seen a huge increase in home working. Our Home Working Data Protection Policy is based on our standard policy and adds a number of useful provisions to make it more suitable for home working. Home working inevitably poses higher risks where personal data is concerned. Home wi-fi networks and, in some cases, personal IT equipment may often not be as secure as their office counterparts. This policy aims to address such matters.
- Our Employee Data Protection Policy is tailored for use with personal data relating only to your staff. It is based, again, on our standard policy, but has been designed with a more limited scope in mind.
- We also provide a Short Form Employee Data Protection Policy. This document is similarly limited to personal data relating to employees and, like it’s more general counterpart, leaves some more detailed sections to other policies.
Additional Policy Templates
The following templates may also be useful alongside one of the Data Protection Policies above:
- Our IT Security Policy covers a broad range of security measures (mostly technical, but also organisational) designed to support good data protection practice.
- Our Data Security Policy is based on the IT Security Policy, but extends beyond IT systems and data stored electronically to cover a wider range of data, including that stored in hardcopy form.
- Our Data Handling Policy is a simpler document, designed to work alongside a larger, more detailed Data Protection Policy. It is designed to serve more as a quick reference for staff handling personal data. In essence, it is a helpful list of “do’s and don’ts”.