Comprehensive GDPR Template Documentation Bundle

Comprehensive GDPR Template Documentation Bundle


Under GDPR the Principles set out in the Data Protection Act 1998 have been reworded, though they have not changed significantly in substance.

The GDPR Principles are:

  1. Lawfulness and Transparency;

  2. Purpose Limitation;

  3. Data Minimisation;

  4. Accuracy;

  5. Storage Limitation; and

  6. Integrity and Confidentiality.

 In addition, an overarching requirement of Accountability has been introduced.

Each Data Controller and Data Processor is expected to have enhanced documentation in relation to all data processing activities that the Information Commissioner’s Office (ICO) can choose to audit at any time.

As made clear on the ICO website, the GDPR contains explicit provisions about documenting data processing activities. Organisations must maintain records on things such as processing purposes, data sharing, and retention, and will be required to make the records available to the ICO on request.

Records must be kept in writing, must be kept up to date and must reflect the organisation’s current processing activities.

BRIEFED© has developed a suite of generic templates based on the requirements of the GDPR. These templates can be downloaded and tailored to suit the specific needs of any organisation. These guidance notes describe the key information needed to complete this task.

Please note these templates are provided as guidance only, they are not a substitute for legal advice. Please see our terms and conditions of use here.

The following GDPR document templates are available from the Briefed online GDPR shop or order via

  1.  Data Protection Policy

  2.  Data Security Policy

  3.  Retention and Disposal Policy

  4.  Privacy Notice

  5.  Subject Access Request Policy

  6.  Data Sharing Agreement

  7.  Joint Data Controller Agreement

  8.  Internal Data Breach Notification

  9.  Data Processed Register

  10.  Training Register

  11.  Device Register

  12.  Third Party Data Sharing Register

  13.  Subject Access Request Register

  14.  Data Breach Register

  15.  Near-Miss Register

Our GDPR Policy Document contains almost 100 pages of templates including all of the sections listed above. 

Add To Cart