GDPR – Privacy Notices for Employers


You will need to provide a GDPR Privacy Notice to all staff.

Author: Nona Bowkis
Reading time: 3 minutes

This article is 4 years old.

Read our disclaimer keyboard_arrow_down

This website content is intended as a general guide to law as it applies to the motor trade. Lawgistics has taken every effort to ensure that the contents are as accurate and up to date as at the date of first publication.

The laws and opinions expressed within this website may be varied as the law develops. As such we cannot accept liability for or the consequence of, any change of law, or official guidelines since publication or any misuse of the information provided.

The opinions in this website are based upon the experience of the authors and it must be recognised that only the courts and recognised tribunals can interpret the law with authority.

Examples given within the website are based on the experience of the authors and centre upon issues that commonly give rise to disputes. Each situation in practice will be different and may comprise several points commented upon.

If you have any doubt about the correct legal position you should seek further legal advice from Lawgistics or a suitably qualified solicitor. We cannot accept liability for your failure to take professional advice where it should reasonably be sought by a prudent person.

All characters are fictitious and should not be taken as referring to any person living or dead.

Use of this website shall be considered acceptance of the terms of the disclaimer presented above.

GDPR arrives with us on 25 May 2018. We have already given lots of practical advice for dealing with consumer data but businesses must not forget about employee data.

In GDPR terms, employees are Data Subjects and employers are Data Controllers. As an employer you will collect personal data from your employees (and potential employees), and as such, you need to comply with the requirements set out in GDPR Article 13.

You will need to provide a GDPR Privacy Notice to all staff. The Notice can be sent via email or printed out with payslips or put in the Staff Handbook if you have one. A general Notice on the staff room wall may not suffice as you need to be sure that all employees have seen the information. Going forward, you will need to provide a Privacy Notice to all those who apply for jobs with you as Privacy Notices should be given at the time personal data is obtained.

The Notice you give to job applicants is likely to be different to the Privacy Notice you provide when you actually take someone on. The application Privacy Notice would look something like this:

Lawgistics Limited (Lawgistics) of Vinpenta House, High Causeway, Whittlesey, Peterborough PE7 1AE is the Data Controller. The Director Joel Combes is the Data Protection Officer and can be contacted at [email protected] in regard to any data protection issues.

Lawgistics will only use your application details for the purposes of the recruitment exercise. The data will be processed under the lawful basis of legitimate interests. The legitimate interest being perused by Lawgistics is the consideration of the Data Subject’s application for employment.

The data will not be passed on to any third parties.

Unsuccessful applications will be kept for a period of 4 months unless otherwise advised. Successful applications will form part of an employee file and will be subject to the Employee Privacy Notice which will be provided on appointment.

As a Data Subject you have a number of rights in regard to your personal data and these include the right to request from Lawgistics access to and rectification or erasure of personal data or restriction of processing concerning your data or to object to processing as well as the right of data portability. More information on these rights can found at Information Commisioner’s Office which is the organisation to whom you have the right to make a complaint.”

You are welcome to use the above as a template for your own Notice and members will find an Employee Privacy Notice template in the members area.

A digitalised Employee Privacy Notice will form part of our new HR Manager Portal which is due for release at the Cardealer Expo 2018. 

Nona Bowkis

Legal Advisor

Read more by this author

Getting in touch

You can contact us via the form or you can call us on 01480 455500.