In 2018 the General Data Protection Regulation (GDPR) came into force for EU countries, and the UK put it on the domestic statute book with the Data Protection Act 2018. The Data Protection Act (2018) was a result of an EU regulation but it’s highly unlikely that Brexit will result in any relaxation in the rules. Strict legislation on data protection is here to stay!
Embedding data protection into the company culture is an approach which will reduce the risk of ICO fines. Aside from detrimental impact of a large fine, a breach in data protection can destroy customer trust, and require the deletion of valuable personal data.
We can advise on how you can ensure you meet your data protection obligations and can create the following documents, help the business to ingrain robust data protection procedures and policies.
- Privacy Policy
- Cookie Policy
- Data Protection Policy
- Privacy notice
- Staff fair processing notice
- Data subject access request policy
- Retention schedule
- Data processing schedule
- Data transfer agreements
- IT security policy
- Internet use policy
- Data protection clause for terms and conditions/contract
- Website Terms of Use
- Acceptable Use Policy
