Our pack of essential GDPR template documents has been drafted by our employment lawyers to provide an easily accessible set of compliant template documentation needed to meet the requirements of the GDPR in relation to employee data.
The HR must-have documents cover:
- Privacy notices informing individuals how the company uses their personal data, covering the different types of data and how you collect it (the pack includes separate privacy notices for employees and job applicants)
- Processes you need to follow for employee data retention, explaining how, and for how long, the company might keep employees’ personal data, with supporting guidance
- Data protection policy explaining how the company complies with its GDPR obligations and how it expects employees who handle personal data in their jobs to comply
- Employee record of processing detailing how the company uses employee and job applicant personal data. (This is an internal document, but it must be shown to the Information Commissioner’s Office (ICO) on request.)
- Data Protection Impact Assessment (DPIA) template, to comply with the requirement for employers to conduct a DPIA for new processing in certain circumstances and to mitigate the risks of new data processing activities.
- Guide to handling individuals’ requests to exercise data protection rights, which sets out guidance for those staff who are responsible for dealing with such requests.
- Guide to handling a personal data breach covering the requirement to notify the ICO and affected individuals, as well as internal record-keeping requirements
These template documents have been newly updated to reflect the end of the post-Brexit transition period and various recent changes to ICO guidance. If you have previously purchased the documents or would like further information please contact Laura Heggs, [email protected].