GDPR - Template Documents
Overview
This article contains information about the different GDPR template documents. The GDPR requires a company to demonstrate they have understood and taken proactive steps towards GDPR Compliance. To assist Invenias customers with this requirement we have provided a sample list of policy Documents which you may be required to complete to support compliance with the GDPR.
At the bottom of this article we have also included a number of Templated Documents which can be downloaded and amended to assist with fulfilling this requirement. Invenias does not make any warranty with respect to these Templated Documents, whether express or implied, and specifically disclaims any implied warranties, whether of merchantability, suitability, fitness for a particular purpose or otherwise for said Templated Documents. By downloading these you accept that they are used at your own risk.
Note that these should not be a substitute for legal advice, you may need to seek your own legal advice when using these templates and creating your policy content.
GDPR Policy Documentation
This list is not exhaustive and companies must take their own, appropriate, legal advice to determine the appropriate documentation, policies and content based on their specific circumstances. Invenias accepts no liability for the use or non-use of this content and documentation and makes no representation or warranty in regard to the legality, appropriateness or suitability of any content or document herein. The content and documents are made available on this understanding and any use of them is at the users own risk.
The following list of documents are provided for review and consideration of use based on customers circumstances and appropriate legal advice:
- Privacy Impact Assessment
- Technical and Organisational Measures
- GDPR Purpose Statement - Default Purposes / Description for Purposes
- Default Lawful basis/ Descriptions
- Data Retention Policy – set policies for review and refresh purposes
- Model Clauses – EU standards
- Privacy Policy
- Data Transfer Policy
- Legitimate Interest Assessment (Balance Test) – for each purpose
- Data Breach Process
- InfoSec policy
- Lawful basis policy/Consent Policy
- Children’s data policy
- Data Processing Record
- DSAR process policy
- DSAR identity verification policy
- Default Template for Right to be Informed
Resources
GDPR Documentation Controller Template
GDPR Training and Awareness Tracking Sheet
Data Retention Policy Template
Data Subject Access Request Form - Proof of Identity
GDPR Guidance Legitimate Interests Sample LIA Template