Privacy Policy
(UK GDPR)


Summary

This privacy policy template is an external (customer-facing) data protection policy (or privacy notice), intended for general commercial organisations based in the UK. It reflects information and transparency requirements in the UK General Data Protection Regulation (UK GDPR) and relevant guidance issued by the Information Commissioner's Office and European Data Protection Board (EDPB). This template contains practical guidance and drafting notes. This template can be attached to your terms and conditions and/or published on your website, although you will also need to publish a separate cookies policy. This template is not intended as a vehicle for obtaining consent to the processing of personal data. Any request for consent should be prominently drawn to the attention of the data subject, not buried in a lengthy privacy policy. So far as possible, this template identifies non-consent-based lawful grounds for processing. You may wish to change the title of this template to Privacy ...