Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the UK GDPR and a legal requirement under data protection laws.
Article 13 of the UK GDPR includes a prescribed list of the information that must be given to individuals. This includes:
Data sharing - details of the recipients or categories of recipients of the personal data, if any, should be clearly set out;
Retention period - the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period must be included;
Conciseness – keep your sentences and paragraphs short. Omit any irrelevant or unnecessary information.
Transparency – don’t hide information from people; make sure that you clearly bring to people’s attention any uses of data that may be unexpected, or could have significant effects on them.
Clear and plain language – ensure that the words and phrases you use are straightforward and familiar to your intended audience.
What else do I need to do on my website for data protection compliance?
Cookies notice: almost every website uses some form of cookies (which are tracking technologies). As cookies collect personal data, you are required to tell website visitors about the types of cookies that you use and also get their consent to cookies being used. For more information, read this comprehensive guide to cookies.
Find out more about website compliance by reading these FAQs.
Any type of individuals that you collect personal data about should be provided with a privacy notice telling them how you will use their personal data. This could include:
Employees - to cover personal data that you collect and process about your employees during their employment e.g. address, salary data, sickness and disability data.
Job candidates - to cover personal data that you collect and process about job candidates during the recruitment process e.g. contact details, CV data, disability data.
Shareholders / investors - to cover personal data that you collect and process about shareholders in your company e.g. contact details and financial information.
Related legal templates
Docue is trusted by so many growth companies – from sole traders to listed companies.