Register
Forgotten password?

Data protection law

1. Privacy policies

FROM
FREE
2
DOCUMENTS IN THIS FAMILY
A family of documents
Designed to help you to comply with UK and EU data protection law, these privacy policies are, in essence, shorter and simpler versions of our privacy and cookies policy templates. Although cookies are not referenced in the titles of these documents, cookies-related disclosures are included, albeit in summary form.

2. Email disclaimer

FROM
£4.80
OR
4
CREDITS
This is a template for a legal notice to be displayed in email communications. Although the enforceability of email disclaimers may be open to question, many businesses nonetheless incorporate a disclaimer in the footer of all email communications. However, there is no "standard" disclaimer, as different businesses face different compliance obligations and legal risks. This template may be used to create a document covering some ...

3. Privacy and cookies policies

FROM
£19.20
OR
16
CREDITS
4
DOCUMENTS IN THIS FAMILY
A family of documents
Almost every commercial website collects some personal data and few websites entirely eschew the use of cookies and similar technologies. In order to comply with data protection law and the law relating to cookies, website publishers need to disclose to users information about the personal data that they collect and the (not "strictly necessary") cookies that they use. These template privacy and cookies policies will help you do just that.

4. Cyber security incident response policy

FROM
£24
OR
20
CREDITS
This policy provides organisations with a pre-structured way of describing their policy in the event of a cyber security incident. Policy users may be a small group within an organisation, or this policy may be given to all personnel as guidance in the event of an incident. Unlike an employee, contractor or B2B cyber security policy this is not intended to be a legal ...

5. Personal data breach notification policy

FROM
£36
OR
30
CREDITS
This is a personal data breach notification policy, which sets out the procedures to be followed by a business in the event that personal data stored or processed by the business is subject to a breach. The policy has been created with SMEs in mind. The policy is designed to aid compliance with the General Data Protection Regulation or GDPR, and takes account of the ...

6. Data protection information notices

FROM
£36
OR
30
CREDITS
3
DOCUMENTS IN THIS FAMILY
A family of documents
The General Data Protection Regulation (GDPR) and national data protection laws require that controllers of personal data disclose information about their processing of that personal data to data subjects. These data protection information notices will help an organisation that collects personal data relating to its freelances, supplier personnel and customer personnel to comply with the applicable disclosure requirements. These documents are similar to our privacy policy template, but intended for use offline rather than online.

7. Data processing addenda

FROM
£36
OR
30
CREDITS
2
DOCUMENTS IN THIS FAMILY
A family of documents
These addenda should be used to complement an existing contract and bring it into line with the General Data Protection Regulation (GDPR). The GDPR is relatively prescriptive about the clauses that need to be included in contracts between controllers and processors and in contracts between between processors and sub-processors. The drafting of these documents follows the requirements of the GDPR closely.

8. Supply chain cyber security policies

FROM
£36
OR
30
CREDITS
2
DOCUMENTS IN THIS FAMILY
A family of documents
These cyber security policies should be used by a customer purchasing services and wanting to impose contractual obligations upon the supplier in relation to cyber security. The policies can be adapted to focus on specific risks or to apply general standards. These policies were created and are maintained by Emma Osborn of OCSRC.

9. Data processing agreements

FROM
£48
OR
40
CREDITS
2
DOCUMENTS IN THIS FAMILY
A family of documents
Data processing agreements between controllers of personal data and their processors have long been a requirement of EU data protection law, but with the coming of the General Data Protection Regulation (GDPR) they have become more prominent. GDPR-friendly data processing agreements also tend to be longer and more complex than pre-GDPR documents. These templates are designed to help you produce a compliant document with the minimum of fuss. They track the specific requirements of the GDPR very closely, and only supplement those requirements in a few important areas.

10. Data retention policy

FROM
£48
OR
40
CREDITS
This management-level data retention policy should be used to codify the policies and procedures of an organisation in relation to the archiving and deletion of data. The driving force behind the adoption of many retention policies is the General Data Protection Regulation (GDPR), but the suggested drafting in this document covers non-personal as well as personal data. To make effective use of this ...

11. Data sharing agreement (mutual)

FROM
£60
OR
50
CREDITS
This agreement will help you to regulate the sharing of personal data by two companies or other organisations, where each party will act as a controller with respect to the shared data. The document may be used whether the parties will exercise their authority as controllers independently or jointly. Unlike in the case of controller-to-processor transfers, there is no mandated set of clauses ...