EM Law | Commercial Lawyers in Central London
A privacy standard should be stated as being non-contractual. This will allow an organisation to change and update the policy as the need arises without seeking the agreement of the entire workforce.
Although is not a requirement of the GDPR that employees sign a privacy standard, a signature may be useful as evidence that employees have been properly informed of their data collection and handling practices, including the rights of individuals whose personal data is processed by the organisation. An acknowledgement of receipt clause can therefore be added at the end of the policy.