GDPR Policy Template

Our GDPR templates, assessments and policy documents are supporting businesses with GDPR compliancy.

A fundamental segment of the EU General Data Protection Regulation is producing appropriate documentation to demonstrate your compliance. As part of the new regulation, organisations will need to produce a data protection policy. Our GDPR policy template will be of great use to you!

Companies across the UK and Europe will need to asses the way in which they collect and store data. The General Data Protection Regulation requires responsibility and transparency from organisations – meaning you should be able to demonstrate how you collect, process and store personal information. Whether you’re self-employed or you’re the owner of a large organisation, you will need to follow the new regulation to avoid any penalties.


  • Access to our pre-prepared policies and procedures, aligned with the best practice.
  • Easy download and customisation to meet your needs.
  • Great to use with Microsoft Word, PowerPoint and Adobe Acrobat.
  • E-mail support service for queries, issues and suggestions, with a 24 hour response.

Browse our GDPR & ISO 27001 document packs

Our document library contains hundreds of original pages of high quality data protection documentation and information security. We’ve produced this content to provide a comprehensive and effective resource for organisations establishing or improving their data protection and information security.

We possess over 20 years of practical experience. Using this experienced and our intel with ISO and GDPR standards, we have pre-prepared these policies and procedures to align with current best practice. This is designed to save you valuable time and resources in implementing processes within your organisation.

Data protection policy

Failing to follow the data protection rules will leave to substantial fines. With a GDPR data protection policy in place, it will help you comply with the GDPR requirements through setting out clear procedures to be followed by the business and by data subjects.

A collection of templates and policies

Within our collection of GDPR and data security policy documents, you will find comprehensive and effective resources, guides, templates and checklists. These are suited to organisations establishing or improving their Data Protection and Information Security working practices.

InfoSaaS document packs all

ISO27001 & GDPR Documentation Bundle

  • Get both the ISO27001 documentation set AND our GDPR documentation set
  • Save 27%

ex VAT

ISO27001 Documentation Set

  • Information Security Policy
  • Information Security Manual/Guide
  • Eight Steps to ISO27001 Certification
  • Document Control & Record Management Policy
  • Document Control Procedure
  • Record Management Procedure
  • Mandatory Documents (ISO27001:2005 standard)
  • Mandatory Documents (ISO27001:2013 standard)
  • Transition Guide between the ISO27001 2005 and 2013 versions
  • Asset Risk Treatment Template
  • Asset Baseline Control Template
  • Adding Information Security Responsibilities into Job Descriptions
  • Employee Information Security Training Presentation (PowerPoint)
  • Acceptable Use Policy
  • Access Control Policy
  • Anti-Virus Policy
  • Asset Management Policy
  • Bring Your Own Device (BYOD) Policy
  • Business Continuity Management Policy
  • Data Protection Policy
  • Encryption Policy
  • Information Security Incident Management Policy
  • Information Security Training Policy
  • Management Review Policy
  • Password Management Policy
  • Secure Development Policy
  • Social Media Policy
  • Supplier Security Policy
  • Internal Audit Policy
  • Internal Audit Procedure
  • Corrective Action Procedure
  • Preventive Action Procedure
  • Internal Audit Report Template
  • Corrective & Preventive Action Template
  • Business Continuity Management Guide
  • Cloud Security Guide
  • Cryptography Overview
  • Data Centre Security Checklist
  • Data Erasure Guide
  • Government Data Security Classifications
  • Information Classification & Handling Guide
  • Information Security and ITIL
  • Payment Card Industry Data Security Standard (PCI DSS) guide
  • Premises Physical Security Guide
  • Viruses & Trojans: Common Threats Explained
  • Workplace Information Security Weaknesses Guide
  • 12 Illustrated Information Security Educational Posters (A4 Size)

ex VAT

General Data Protection Regulation (GDPR) Set

  • Data Protection Policy
  • Data Protection Training Policy
  • Data Access Request Procedure
  • Data Correction Request Procedure
  • Data Erasure Request Procedure
  • Data Portability Request Procedure
  • International Data Transfer Policy
  • Subject Access Request Procedure
  • Consent Management Procedure
  • Data Breach Management Procedure
  • Privacy Impact Assessment Procedure
  • Third Party Data Processing Procedure
  • Subject Access Request Template
  • Subject Access Request Log
  • Data Subject Consent Form
  • Data Subject Consent Withdrawal Form
  • Parental Consent for Children Form
  • Data Breach Notification Form
  • Data Breach Register
  • Data Retention Policy
  • Data Asset Inventory Record Template
  • Privacy Impact Assessment Issue Log
  • Data Protection Officer Job Description
  • Sample Website Privacy Policy
  • Overview of EU US Privacy Shield (PDF)
  • List of EU Supervisory Authorities
  • List of Non-EU Supervisory Authorities
  • GDPR Glossary of Terms (PDF)
  • UtopiaR* Privacy Impact Assessment Solution Manual (PDF)
  • UtopiaR* Privacy Impact Assessment Solution Sample Report (PDF)
  • The EU General Data Protection Regulation (GDPR) came into effect on the 25th of May 2018. It’s time for organisations to establish, implement and maintain the effective policies, procedures and working practices to fully comply with GDPR and avoid financial penalties.

ex VAT

Let's talk about how InfoSaaS can help you better understand your information security and data protection needs

Contact Us