A data protection policy (DPP) sets out an organisation’s protocol for collection and management of personal data. A breach of the data protection rules can result in a fine of up to £500,000 so it is vital that everyone handling data is aware of the law and follows the correct procedures.
A clear DPP sets out for staff members exactly what is required of them when it comes to the collection of personal data. It should specify who is responsible for any data held and make it easy for employees to comply with the law. It is good practice to provide a copy of the DPP to each staff member.
A DPP should contain procedures for the collection, safe storage, use and deletion of personal data. For example data should never be shared with a third party, should be made available if requested by the individual concerned and should be deleted at the point it is no longer of use for the original purpose.
Submit your enquiry to Lexoo and get quotes from expert data protection lawyers who can help draft your agreement or help with any related issues.
Get 3 handpicked quotes from our legally trained team
A free no obligation discussion with our lawyers