1 minute read
Who is this guidance for?
This list is not exhaustive. The purposes and technologies that employers use to monitor their workers have changed rapidly over time and will undoubtedly continue to evolve in sophistication. But the principles and rules of data protection remain a constant, which employers need to follow regardless of other developments.
This guidance is aimed at all organisations, both public and private sector that have employees, workers, contractors or volunteers. We use the term ‘worker’ throughout this guidance to refer to someone who performs work for an organisation. Business models have changed in the last decade, with the rise of the gig economy. This guidance captures these relationships too. It is aimed at all circumstances where there is an employment relationship, regardless of the nature of the contract.
This guidance is not relevant to people recording information in a personal or household context unless there is professional or commercial activity. For example, the UK GDPR and this guidance covers using CCTV at home to monitor a nanny. It is also important to note that homeworking does not constitute personal or household processing, and so is also covered by this guidance.
This guidance is not relevant for law enforcement authorities who monitor workers for ongoing criminal investigations. These are subject to the separate law enforcement processing regime in Part 3 of the DPA. It is relevant to the Part 2 of the UK GDPR (non-law enforcement) processing carried out by such authorities. By this, we mean any monitoring carried out which is not for law enforcement purposes. For more information on which regime applies to you, see our guidance on which regime to use.