Data Protection Policy Template


The purpose of this policy is the protection of data and appropriate legal requirements on the management of data such as the GDPR.

For the document contents see the description below. A document extract is in the images to the left.

You may also like the full ISO 27001 policy template pack for all 26 ISO 27001 policies.


SKU: ISO27001POL28 Category: Tag:

Data Protection Policy Template


The purpose of this Data Protection Policy Template is the company legal and regulatory requirements under the GDPR and the Data Protection Act 2018 and the rights of data subjects.


All company employees and external party users.
Personal Data as defined by GDPR.


Personal data is classified and treated as classification level Confidential and all associated policies, controls and processes apply.

Data Protection Policy Template Contents

Document Version Control 2
Document Contents Page 3
Purpose 6
Scope 6
Data Protection Policy 6
Principle 6
Data Protection Policy Statement 6
Legal Basis for Processing 7
Data protection principles 7
Lawfulness, Fairness and Transparency 7
Purpose Limitation 7
Data Minimisation 8
Accuracy 8
Storage Period Limitation 9
Personal Information Classification and Handling 9
Personal Information Retention 10
Personal Information Transfer / Transmit 10
Personal Information Storage 10
Breach 10
The Rights of Data Subjects 11
The right to be informed 11
The right of access 11
The right to rectification 11
The right to erasure (the right to be forgotten) 12
The right to restrict processing 12
The right to data Portability 12
The right to object 13
Rights in relation to automated decision making and profiling 13
Definitions 14
Personal Data 14
Sensitive Personal Data 14
Data Controller 15
Data Processor 15
Processing 15
Anonymization 15
Policy Compliance 16
Compliance Measurement 16
Exceptions 16
Non-Compliance 16
Continual Improvement 16

High Table ISO 27001 Store

The High Table ISO 27001 store for ISO 27001 policies and ISO 27001 ISMS documents is built on 20 years of experience and real world usage, used to pass hundreds of ISO 27001 audits globally.

Customer reviews


There are no reviews yet.

Be the first to review “Data Protection Policy Template”

You may also like…

Scroll to Top