Documents for Business

In excess of 1,000 customisable documents covering every conceivable business issue.
Search all documents in Documents for Business

GDPR data subject access clarification/refusal

GDPR data subject access clarification/refusalBefore responding to a data subject access request, the GDPR says that you can use reasonable means to verify the individual's identity, or you can ask them to be more specific about the data sought where y... Read more

GDPR rectification of data request form

GDPR rectification of data request formThe GDPR provides the right for individuals to make a request to you for the rectification of their personal data, which they can do if they wish by completing our form.The statutory rightThe GDPR provides the r... Read more

GDPR privacy notice for staff

GDPR privacy notice for staffThe GDPR sets out a list of detailed information that must be included in a privacy notice. Our GDPR privacy notice complies with this.Privacy notice requirementsA compliant privacy notice for the processing of personal d... Read more

GDPR erasure of data response letter

GDPR erasure of data response letterYou can use our letter to set out your reply to an individual's request, made under the GDPR, for erasure of some or all of their personal data that you hold about them. Erasure of personal dataWhere any of the grou... Read more

GDPR erasure of data request form

GDPR erasure of data request formThe GDPR enables individuals to make a request for the erasure of the personal data that you hold about them. You can use our form to assist them with making a request.The statutory rightUnder the GDPR, individual dat... Read more

GDPR legitimate interests assessment

GDPR legitimate interests assessmentIf you intend to rely on legitimate interests as your lawful basis for processing certain personal data, you should first conduct a GDPR legitimate interests assessment.Lawful basis for processingTo process persona... Read more

GDPR consent to use of employee's image

GDPR consent to use of employee's imageNormally, you can't rely on an employee's consent as the lawful basis for processing their personal data. However, using their image in marketing materials can be an exception if they have a genuine choice about wh... Read more

GDPR data protection impact assessment

GDPR data protection impact assessmentA data protection impact assessment is required where a new type of processing is likely to result in a high risk to the rights and freedoms of data subjects. Use our document as your starting point.What's a DPIA?... Read more

GDPR data processor clauses

GDPR data processor clausesIf you use any third-party processors to handle employees' personal data, you must by law include a number of key written terms governing data protection in the commercial contracts you enter into with them.Processor obligat... Read more

GDPR personal data breaches register

GDPR personal data breaches registerThe General Data Protection Regulations (GDPR) requires you to document all personal data breaches, whether they're notifiable to the Information Commissioner's Office (ICO) or not. Use our register to do this.Mandat... Read more
Download each file separately