~3-page information security policy concerning compliance obligations in the privacy domain.
Privacy is an important ethical and business concern for the organization in addition to the compliance obligations under applicable privacy-related laws, regulations and contractual terms.
Due to the complex global mesh of privacy-related laws and regulations, this policy lays out generic axioms and broad policy statements to guide privacy compliance activities as a whole, leaving the specific details to experts familiar with particular situations and the corresponding legal, regulatory and contractual obligations.
This is not legal advice.
Supplied as an MS Word document, readily customised for your organisation's specific situation.