← Back to GDPR Privacy Notice Template
Free preview: Customer Privacy Notice
These are the genuine opening sections of one document from the GDPR Privacy Notice Template (1 documents total). The amber [placeholders] are what you customize — everything else is ready to use.
Customer Privacy Notice
Purpose. This standard provides the customizable text of the public privacy notice that [Company Name] must present to customers, prospects, website visitors, and other external individuals whose personal data it processes. It contains every information element required by Art. 13 GDPR for data collected from the individual and Art. 14 GDPR for data obtained from other sources, arranged as sections the organization tailors before publication. Once customized and approved, the published notice is the organization's primary transparency artifact for external data subjects.
How to Use This Template
This section is internal guidance and must be deleted before publication. The remaining sections form the customer-facing notice. Before publishing, the [Privacy Lead] must replace every bracketed placeholder, delete any section or table row that does not reflect actual processing, and verify each statement against the organization's records: lawful bases against the Lawful Basis Assessment Guide, retention statements against the Data Retention and Deletion Policy, transfer statements against the International Data Transfer Policy, and the inventory of processing against the Records of Processing Activities Standard.
Timing rules: where data is collected directly from the individual, this notice must be available at the moment of collection (Art. 13). Where data is obtained from another source, the notice must be provided within one month of obtaining the data, at the first communication with the individual, or before the first disclosure to another recipient, whichever occurs first (Art. 14).
Who We Are and How to Contact Us
[Company Name], registered at [registered address] under company number [company number], is the controller responsible for your personal data described in this notice. You can contact us about anything in this notice at [privacy@company.example] or by writing to [postal address].
Our [Data Protection Officer / privacy contact] can be reached at [dpo@company.example]. [Delete or adapt: We have appointed [representative name and address] as our representative in the European Union under Art. 27 GDPR.] [Delete or adapt: We have appointed [representative name and address] as our representative in the United Kingdom.]
The Personal Data We Collect and Where It Comes From
We collect the categories of personal data listed below. Most of it comes directly from you; where we obtain data from another source, the table identifies that source, and we indicate where the source is publicly accessible. We do not intentionally collect special category data (such as health data) from customers; if a specific service requires it, we will tell you separately and explain the legal basis at that point.
Why We Use Your Personal Data and Our Lawful Bases
We only use your personal data where the GDPR gives us a lawful basis to do so. The table below lists each purpose, the data involved, and the basis we rely on.
Where we need your personal data to enter into or perform a contract with you, such as a delivery address to fulfill an order, failing to provide it means we may be unable to supply the product or service. Where collection is required by law, such as identity information needed for [tax or anti-money-laundering] purposes, we will tell you at the point of collection and explain the consequences of not providing it.
— Preview ends. The full document continues with 0 more documents in the toolkit. —
More free previews
See real opening sections from our other compliance toolkits before you buy:
- AI Governance Policy Pack — free preview
- ISO 27001 + SOC 2 Dual Toolkit — free preview
- GDPR Compliance Pack for Small Business — free preview
- HIPAA Compliance Toolkit — Dental Practices — free preview
- HIPAA Compliance Toolkit — Medical Practices — free preview
- HIPAA Compliance Toolkit — Mental Health Practices — free preview
- ISO 27001 Policy Pack — Core — free preview
- ISO 27001 Toolkit for E-commerce — free preview
- ISO 27001 Complete Toolkit — free preview
- ISO 27001 Toolkit for Law Firms — free preview
- ISO 27001 Toolkit for MSPs — free preview
- ISO 27001 Toolkit for SaaS Companies — free preview
- ISO 42001 AI Management System Toolkit — free preview
- NIST CSF 2.0 Complete Toolkit — free preview
- SOC 2 Policy Pack — Core — free preview
- SOC 2 Complete Toolkit — free preview
- Startup Trust Pack — SOC 2 Core + AI Governance — free preview
- WISP Toolkit for Tax Professionals — free preview
- Access Control Policy Template — free preview
- AI Acceptable Use Policy Template — free preview
- Acceptable Use Policy Template — free preview
- HIPAA Privacy Policy Template — free preview
- Incident Response Plan Template — free preview
- Information Security Policy Template — free preview
