gdpr employee

GDPR and your employees

GDPR and Employee Personal Data Amidst the haze of GDPR headlines it can be...

Back to News and Events

GDPR and your employees

11th May 2018

News : Employment Law

GDPR and Employee Personal Data

Amidst the haze of GDPR headlines it can be easy to think that as a business you need only be concerned about the personal data of your clients and customers. However, under the General Data Protection Regulation (GDPR) which comes into force on 25th May 2018, certain data about your employees will count as personal data too.

The GDPR is not intended to be a radical overhaul of data protection legislation but rather a strengthening of the rights enjoyed by data subjects (i.e. the people about whom you hold data). Employees will be data subjects and therefore will have the same entitlements enjoyed by any other data subject. Such rights include: the right to be informed about how, where and when their data is being processed, the right to make a subject access request; and the right to request erasure of their data in certain circumstances.

As well as strengthening data subjects’ rights, the GDPR also changes the lawful bases upon which you can process data. Before you can process (think collect, store, transfer, delete etc.) personal data you must identify a lawful justification for processing. If your processing cannot be justified on one of six bases appearing in the GDPR, processing will be unlawful. One such lawful basis is that the processing is necessary for the performance of a contract with the data subject. This may seem like the obvious justification for processing your employees’ personal data. You must consider carefully your processing activities and decide whether it is truly necessary for the employment relationship. Your lawful justification will need to be communicated to your employees (usually by way of a privacy notice).

What should you do as an employer?

The GDPR is unlikely to significantly change the substance of your relationship with your employees. However, it is very likely that in order to be technically compliant with the GDPR you will need to make a number of changes to your employment contracts and workplace policies.

If your employment documentation needs a review or redraft, or if you require advice about any aspect of the GDPR, please contact Eve Lakin via or on 01270 619689. Alternatively, please visit our Employment services page here or complete this form for a call back.


Issue 4 of Poole Alcock Insight is here! Grab a coffee and enjoy Augusts edition of our free Emagazine.

Posted 18th August 2020


Weve had a 5* review from Ian: Kate Heath and team - once again, amazing

Posted 29th July 2020

arrow-down-white arrow-left-white arrow-right-white arrow-right call cloudicon_laptop_add icon_purchase_new icon_purchase_standard icon_quill icon_remortgage icon_sale_purchase icon_sale icon_tick phone-call search settlement-icon skull social_facebook social_instagram social_linkedin social_pinterest logo-twitter-glyph-32 social_youtube speedo stars tail-right (1)Created with Sketch. tail_right tick_circle_green tick_circle wave-smaller Mask