If you have a website for your business, you need a website privacy notice. This one is compliant with the latest UK data protection laws (the General Data Protection Regulation, aka the GDPR).
Website privacy notices inform individuals (with whom you may do business, or interact within a business environment) about how you collect, handle, store and potentially also share, their personal data, as well as the rights that they have in relation to your activities, under the UK?s data protection and privacy laws.
Before you draft your privacy notice, you should undertake a data mapping (or data audit) exercise in order to establish all the types of data that you hold, why you use them, the legal basis for using them and details of when that personal data is shared with other people or organisations.
Not all parts of the notice will be applicable to all businesses, and our experts recommend that you take legal advice in relation to this and your wider data controlling activities within your business.
If you want a general privacy notice for your wider business trading activities off-line, then you should use our general privacy notice template. You should also have a privacy notice for your employees, contractors and workers, explaining to them how you handle their personal data. You can use our data privacy notice for employees, contractors and workers template for these purposes. You?ll need a briefer version of this employee-facing privacy notice for when you recruit candidates too.
For more information on data mapping/auditing, take a look at our guide: data handling rules and what the GDPR means for small businesses. Our GDPR ? what you should be doing now guide and our 14-point GDPR checklist that accompanies it, are also very useful.
Our suite of templates also includes website terms and conditions and website terms of use (coming soon), as well as a cookies policy.