This document sets out a company’s reasoning for using CCTV on its premises. It also explains to impacted data subjects (mainly employees) how the company aims to mitigate and reduce the affect CCTV monitoring may or will have on data subject’s privacy.
This document assumes that the company has considered all other options and that CCTV is necessary for the business to apply, and that the company has carried out a data protection impact assessment on its use of CCTV. As a result of putting CCTV in place, the company should review and update its other data protection policies, including its privacy policy, to reflect this new way of collecting personal data. This document assumes that those policies have been or will be updated. This document assumes that the company is incorporated in the UK and that English law applies.