Appendix 2 - Example of a data protection policy

• Guide to GDPR

In this section

• Ten steps
• Law firms as data controllers
• Create a record of data processing
• Marketing
• Client confidentiality, legal privilege and limited exemptions
• Sharing data with third parties
• Data retention
• Data protection officers
• AML and data protection
• Security
• Reporting personal data breaches
• Requests for copies of personal data
• Appendix 1 - Consent
• Appendix 2 - Example of a data protection policy
• Example of Privacy Notice