More model policies and documents now GDPR-compliant

We have revised our model policies and documents on the right to request flexible working, time off work, retirement, bribery and whistleblowing to comply with the General Data Protection Regulation (GDPR), which is in force from 25 May 2018.

What other model documents have been updated for the GDPR?

We have previously revised our model documents in these three areas:

Look out in the coming weeks for more updates to our model policies and documents to make them GDPR-compliant.

The introduction of the GDPR means that employers should review their documentation to ensure that: data protection and privacy considerations are embedded; only the minimum amount of personal data is collected and processed for a specific purpose; there is a legal basis for processing personal data; and individuals whose personal data is being processed are provided with privacy notices.

Managing time off work and dealing with flexible working requests are both areas in which employers will be gathering personal data. For example, employers could be handling health data when recording and managing absences, and recording the personal information of employees who are making requests for flexible working.

Employers could also find personal data being processed when managing an employee's retirement and when dealing with reports of bribery and public interest disclosures.

We have therefore updated the following model documents in these five areas:

Right to request flexible working

GDPR data protection documents

Data protection documents to use in your GDPR compliance efforts include:

To see all of our data protection policies and documents, go to Policies and documents > Data protection.

Time off work

Retirement

Bribery and whistleblowing