We would love to hear from you. Call us anytime on +44 (0)1491 821123

Question about GDPR privacy policy

Does a website privacy policy refer only to data collected on the website, or is it a policy for all data collated in an organisation?

Alasdair Taylor's answer to Question about GDPR privacy policy (334579945)

Answer to the question: 

Typically, a website privacy policy will cover data collected through the website. However, in some cases, it will extend to other categories of data processed by an organisation. For example, it may cover customer or customer personnel data collected via some other channel - this is especially likely to be the case where there is cross-over between website activities and offline activities.

It would however be very unusual for a website privacy policy to cover ALL processing. For instance, the processing of employee data would usually be subject to a separate notice.