Health and care
Podiatry, foot care, physiotherapy, occupational therapy, earwax removal, and care services.
Download health and care packOfflico practical document packs
GDPR document update packs
Practical update packs for UK mobile and home-visit service businesses that already have GDPR paperwork and need to update it after the Data Use and Access Act 2025. Choose the pack closest to your profession, or print this page as a quick review copy.
Download general update ZIPBefore you use this
This pack is practical guidance, not legal advice. It is designed to help small UK mobile and home-visit service businesses update common GDPR documents they already use. Replace bracketed text, remove sections that do not apply, and get professional advice if you handle sensitive health information, employee records, children data, complex marketing data, or regulated services.
Profession-specific downloads
Use the pack that best matches the records you actually hold. Each ZIP includes Word-compatible documents, HTML source files, and an existing document update tracker.
Hair and beauty
Hairdressing, barbering, beauty, massage, consultation forms, allergy notes, treatment records, and photos.
Download hair and beauty packHome services
Cleaning, gardening, window cleaning, access notes, keys, alarm details, and property records.
Download home services packPet care
Dog walking, pet sitting, grooming, owner details, vet details, emergency contacts, routines, and keys.
Download pet care packTrades and automotive
Mobile mechanics, tyre fitting, car detailing, plumbing, electrical work, job photos, vehicle details, and warranties.
Download trades and automotive packFitness and wellness
Personal training, PAR-Q records, health screening, injury notes, emergency contacts, and progress photos.
Download fitness and wellness packWhat is inside the download
Existing document update tracker
A review table for checking what changed, who owns the update, and whether the live document has been replaced.
Privacy notice template
Update wording for what you collect, why, lawful basis, sharing, retention, rights, and complaints.
Data protection complaints process
A step-by-step process for receiving, recording, acknowledging, reviewing, responding, and closing complaints.
Client consent form template
Consent and acknowledgement wording for client records, sensitive information, photos, and marketing choices.
Subject access request process
A search and response checklist for client data requests.
Data retention schedule
A table for client details, appointment notes, consent records, invoices, complaints, breach logs, and marketing consent.
Data breach log
An incident record for lost devices, wrong-recipient messages, missing paperwork, or account access issues.
Software supplier checklist
A supplier map for booking software, payments, email, SMS, cloud storage, and accounting tools.
Client record handling policy
A practical policy for where records should live and what should not be left scattered in messages or loose files.
Marketing consent wording
Separate wording for optional email and SMS marketing consent.
Photo and image consent addendum
Separate service-record and marketing-photo consent wording.
Use this as an update pack, not a beginner pack
This pack is for businesses that already have GDPR documents and need to update the working set after the Data Use and Access Act 2025. Start by comparing each existing document with the matching template, then copy only the wording or process changes that genuinely apply to your business.
Document review checklist
| Area | Check | Status |
|---|---|---|
| Privacy notice | It explains what data you collect, why, how long you keep it, and who it may be shared with. | Not started / Reviewing / Done |
| Complaints process | You have a clear route for clients to raise a data protection concern and for your business to record, review, and respond. | Not started / Reviewing / Done |
| Client consent form | Your consent or acknowledgement wording is specific enough for service records, sensitive details, photos, and marketing. | Not started / Reviewing / Done |
| Client records | You know where appointment notes, forms, images, invoices, messages, and attachments are stored. | Not started / Reviewing / Done |
| Retention schedule | You have written down how long common record types are kept and when they are deleted or archived. | Not started / Reviewing / Done |
| Subject access requests | You can find and review a client’s personal data if they ask for a copy. | Not started / Reviewing / Done |
| Breach log | You have a place to record incidents such as lost devices, messages sent to the wrong person, or missing paperwork. | Not started / Reviewing / Done |
| Software suppliers | You know which apps or services process client data on your behalf. | Not started / Reviewing / Done |
Starter wording examples
Privacy notice wording
We collect and use personal information so we can provide our services, manage appointments, keep client records, send service messages, issue invoices, and respond to queries or complaints.
Complaints process wording
If you have a concern about how we handle your personal information, contact [business contact]. We will record your concern, review what happened, respond within [timeframe], and explain any next steps.
Consent wording
I understand that [business name] will keep service records needed to manage appointments, provide the service, issue invoices, respond to queries, and maintain a safe and accurate client history.
Breach log fields
Date: What happened: Data involved: People affected: Immediate action taken: Whether reporting was considered: Final outcome:
Download the editable pack
The ZIP includes Word-compatible .docx files and HTML source copies for editing or printing.
Download editable documents ZIP Back to the resource page