5. GDPR for HR Policies

Protecting Employee Data

There is further information and explanations about GDPR for HR within the HR Administration section. Keeping employee data safety and security, and within the GDPR principles is important for GDPR compliance. 

Below, we summarise the policy documents available relating to GDPR for HR. Please note these cover HR only and do not address the wider issue of GDPR and Data Protection i.e. other data within the organisation (although the GDPR principles are the same for all data).

GDPR for HR Policy

This policy sets out how the Company keep and manage employee data. 

Template - GDPR for HR Policy

Data Retention 

This policy confirms how long you will keep employee data. It is broken down into the different data you may hold.

Template - Data Retention Policy

Data Subject Access Request

This policy explains how an employee can make a request to see the data that the company holds on them. This is not restricted to what is held in the employee file, but will include any data, e.g. emails to and from the employee or emails where the employee is the data subject. Please be careful what you put in emails! 

Template - Subject Access Request Policy