Basic GDPR Document Template Bundle
Under GDPR the Principles set out in the Data Protection Act 1998 have been reworded, though they have not changed significantly in substance.
The GDPR Principles are:
- Lawfulness and Transparency;
- Purpose Limitation;
- Data Minimisation;
- Storage Limitation; and
- Integrity and Confidentiality.
In addition, an overarching requirement of Accountability has been introduced.
Each Data Controller and Data Processor is expected to have enhanced documentation in relation to all data processing activities that the Information Commissioner’s Office (ICO) can choose to audit at any time.
As made clear on the ICO website, the GDPR contains explicit provisions about documenting data processing activities. Organisations must maintain records on things such as processing purposes, data sharing, and retention, and will be required to make the records available to the ICO on request.
Records must be kept in writing, must be kept up to date and must reflect the organisation’s current processing activities.
BRIEFED© has developed a suite of generic templates based on the requirements of the GDPR. These templates can be downloaded and tailored to suit the specific needs of any organisation. These guidance notes describe the key information needed to complete this task.
Please note these templates are provided as guidance only, they are not a substitute for legal advice. Please see our terms and conditions of use here.
The following GDPR document templates are included in the basic GDPR Template Bundle or order via firstname.lastname@example.org.
- Data Protection Policy
- Data Security Policy
- Retention and Disposal Policy
- Privacy Notice
- Training Register