~3 page information security policy template on handling privacy complaints.
The organization is obliged to take privacy-related complaints, enquiries and incident reports seriously, investigate them properly and address them appropriately in accordance with applicable laws and regulations, plus ethical considerations. This policy explains how.
Note: this particular issue is often neglected, even by organizations that take policy seriously and publish sensible privacy policies. There are specific requirements in GDPR about handling complaints, enquiries and requests.
Delivered as an editable MS Word document, easily customized for your organization's specific needs.