Essential compliance with UK GDPR and the Data Protection Act 2018.

What is it?

A comprehensive policy template that formalises your compliance with UK GDPR and the Data Protection Act 2018. It outlines how your company collects, uses, stores, and shares employee personal data securely and in line with data protection principles.

Who is it for?

✔ All UK Employers (to accompany the Employee Privacy Notice)

✔ Small businesses needing to formalise their GDPR compliance strategy

✔ Companies looking to transparently inform employees about their data rights

✔ Teams that process personal data for payroll, performance, or compliance

What it helps you do:

• Formalise the legal basis for processing employee data (e.g., contractual necessity)

• Ensure data is processed lawfully, fairly, and transparently (the 7 Principles of GDPR)

• Define the types of personal data collected and how it is used (e.g., payroll, benefits)

• Outline the rights employees have over their personal data (e.g., access, correction)

• Establish clear rules for Data Security, Retention, and Breach Notification

  
  

What’s included:

• Fully editable GDPR and Data Protection Policy (Word document)

• Comprehensive list of data collected and its legal basis for use

• Guidelines for sharing data with third parties (HMRC, pension providers)

• Details of employee rights under UK GDPR

• Security and data retention guidelines

• Signature & acknowledgment pages

  
  

Why choose U-HR templates?

• Designed specifically for small businesses and everyday HR situations

• Simple, practical language with no legal jargon

• More affordable than solicitor-written policies

• Ready to download and customise instantly

  
  

📎 Instant download

📎 Editable in Word