National Association of Business Crime Partnerships

GDPR documents

Data Protection Act 2018


Example documentation

The following are examples of documentation Business Crime Reduction Partnerships should have to satisfy the requirements of the General Data Protection Regulation as part of the Data Protection Act 2018. The documents apply to the electronic processing of data and were kindly created by Littoralis for the use of Business Crime Partnerships. 

Legitimate interest statement.jpg

Legitimate interest statement

This document combines the three documents obligatory for Exclusion Schemes using the lawful basis of Legitimate Interests for processing personal data, and where that processing may threaten the rights and freedoms of Data Subjects. This document may be requested by the ICO. It is not necessary to provide this document in response to a Subject Access Request. If preferred, split this into three separate documents.

Personal data processing document.jpg

Personal data processing documentation

This document contains the information required by Data Protection law relating to your current personal data processing activities. This document may be requested by the ICO. It is not necessary to provide this document in response to a Subject Access Request by either an Offender or a Member.

Privacy notice (members).jpg

privacy notice (Members)

This document must be provided to Members when their personal data is first processed (eg collected) or, if this is not possible, as soon as it becomes possible (for example when you may later obtain their contact

Privacy notice (offenders).jpg

privacy notice (Offenders)(short form)

This short-form version of the Privacy Notice (for Offenders) could be used where it is impractical to present the full version; for example on the reverse of a Warning or Exclusion Card. However, it is essential that it includes a reference to the full version and how the Offender can access it.

BCRP radio usage and the data protection act 2018

BCRP Radio Usage and the data protection act 2018

This guide explains the NABCP’s policies on radio usage and the Data Protection Act 2018.

BCRP logo new 2016 small.png

Policy on processing children’s data.

This is an example policy kindly reproduced with permission from the Brighton & Hove BCRP with regards to processing personal data of children and minors on the basis of Legitimate Interest. The Brighton & Hove BCRP do not accept legal liability for any other BCRP that chooses to adopt it.