Policies & Compliance
Company policies, employee handbooks, website terms of service, and privacy policies
Anti-Bribery and Corruption Policy
Create a comprehensive Anti-Bribery and Corruption Policy compliant with the Foreign Corrupt Practices Act (FCPA) of 1977, the Sarbanes-Oxley Act of 2002, and state anti-bribery laws. Covers prohibited conduct, gifts and hospitality thresholds, third party due diligence, books-and-records requirements, confidential reporting, whistleblower protections, training, and enforcement.
Anti-Bribery and Corruption Policy (Canada)
Create a comprehensive Canadian Anti-Bribery and Corruption Policy compliant with the Corruption of Foreign Public Officials Act (CFPOA), the Criminal Code Part IV (bribery and secret commissions), and provincial procurement laws. Covers prohibited conduct, gifts thresholds, third party due diligence, books-and-records requirements, whistleblower protections under Criminal Code s.425.1, and training.
Data Retention Policy (Canada)
Create a comprehensive Canadian Data Retention Policy compliant with PIPEDA Principle 5, provincial privacy laws (PIPA BC, ATIPPA NL), CRA retention requirements, and the Canada Business Corporations Act. Covers retention schedules for employee, financial, customer, and health records, secure destruction, legal holds, and individual data rights.
Diversity, Equity and Inclusion Policy (Canada)
Create a comprehensive Canadian Diversity, Equity and Inclusion (DEI) Policy compliant with the Canadian Human Rights Act, Employment Equity Act, Accessible Canada Act, Pay Equity Act, and provincial human rights codes. Covers protected grounds, recruitment commitments, duty to accommodate, harassment prevention, employment equity, training requirements, monitoring and reporting, and complaint procedures.
Environmental Policy Statement (Canada)
Create a comprehensive Canadian Environmental Policy Statement compliant with CEPA 1999, the Impact Assessment Act 2019, the Canadian Net-Zero Emissions Accountability Act, and provincial environmental legislation. Covers emission reduction targets, NPRI reporting, waste management, water quality, carbon pricing, and incident reporting.
Fire Risk Assessment (Canada)
Create a comprehensive Canadian Fire Risk Assessment compliant with the National Fire Code of Canada 2020, provincial fire safety legislation, CAN/ULC-S524, and provincial OH&S regulations. Covers fire detection, fire fighting equipment, means of egress, hazard identification, fire safety plans, and accessibility requirements.
First Aid Policy (Canada)
Create a comprehensive Canadian workplace First Aid Policy compliant with the Canada Labour Code Part II, provincial OHS regulations, CSA Z1220, and WSIB/WCB requirements. Covers first aid attendant designations, kit locations, AED provisions, emergency procedures, training requirements, and incident reporting.
Lone Worker Policy (Canada)
Create a comprehensive Canadian Lone Worker Policy compliant with the Canada Labour Code Part II, provincial OH&S acts (Alberta OHS s.393, Ontario OHSA s.25, BC WorkSafe Part 4), and CCOHS lone worker guidance. Covers lone worker definitions, hazard assessments, communication procedures, check-in systems, prohibited activities, training, and emergency protocols.
Manual Handling Risk Assessment (Canada)
Create a comprehensive Canadian Manual Handling Risk Assessment compliant with the Canada Labour Code Part II, the Canada Occupational Health and Safety Regulations (SOR/86-304), CCOHS ergonomic guidelines, and provincial OH&S regulations. Covers task description, load assessment, environment factors, risk evaluation, control measures, and action plans.
Privacy Policy (Canada)
Canadian privacy policy compliant with PIPEDA, Quebec Law 25, and provincial privacy legislation (AB PIPA, BC PIPA), including CASL anti-spam requirements.
Return Policy Template (Canada)
Create a Canadian Return Policy compliant with provincial Consumer Protection Acts, the Competition Act, and PIPEDA. Define return windows, refund methods, shipping responsibilities, and non-returnable items under Canadian law. Download as PDF or Word.
Social Media Policy (Canada)
Create a comprehensive Canadian Social Media Policy compliant with PIPEDA, the Canada Labour Code, Canadian Human Rights Act, CASL for marketing, and Charter s.2(b) freedom of expression. Covers personal and company account guidelines, privacy-compliant monitoring, confidentiality, disciplinary consequences, and approval process.
Whistleblower Policy (Canada)
Create a comprehensive Canadian Whistleblower Policy compliant with the Criminal Code s.425.1, Public Servants Disclosure Protection Act (PSDPA), Canada Business Corporations Act, and provincial securities whistleblower programs. Covers designated compliance officers, confidential reporting, anonymous reporting, investigation procedures, anti-reprisal protections, and external regulatory agency reporting.
Workplace Safety Assessment (Canada)
Create a comprehensive Canadian Workplace Safety Assessment compliant with the Canada Labour Code Part II, the Canada Occupational Health and Safety Regulations (SOR/86-304), WHMIS 2015, CCOHS guidelines, and provincial OH&S legislation. Covers hazard identification, risk evaluation, hierarchy of controls, and corrective action plans.
Data Retention Policy
Create a comprehensive Data Retention Policy compliant with CCPA, HIPAA record retention, SOX Section 802, FLSA, FTC Disposal Rule, and state data privacy laws. Covers retention schedules for employee, financial, customer, and health records, secure destruction procedures, legal holds, and consumer data rights.
Diversity, Equity and Inclusion Policy
Create a comprehensive Diversity, Equity and Inclusion (DEI) Policy compliant with Title VII of the Civil Rights Act, the ADA, ADEA, Equal Pay Act, GINA, and state anti-discrimination laws. Covers protected categories, recruitment commitments, reasonable accommodations, harassment prevention, training requirements, monitoring and reporting, and complaint procedures.
Environmental Policy Statement
Create a comprehensive Environmental Policy Statement compliant with NEPA, the Clean Air Act, Clean Water Act, RCRA, CERCLA, and EPA regulations. Covers emission reduction targets, waste management, water quality, pollution prevention, compliance monitoring, and incident reporting procedures.
Fire Risk Assessment
Create a comprehensive Fire Risk Assessment compliant with OSHA 29 CFR 1910.38-39, NFPA fire codes (NFPA 1, 10, 13, 72, 101), and state fire regulations. Covers fire detection systems, fire fighting equipment, means of egress, hazard identification, risk evaluation, emergency action plans, and ADA accessibility.
First Aid Policy
Create a comprehensive workplace First Aid Policy compliant with OSHA 29 CFR 1910.151, ANSI/ISEA Z308.1-2021, and state-specific OSHA requirements. Covers first aid responder designations, kit locations, AED provisions, emergency procedures, training requirements, OSHA recordkeeping, and Good Samaritan protections.
Lone Worker Policy
Create a comprehensive Lone Worker Policy compliant with the OSHA General Duty Clause §5(a)(1), 29 CFR 1910.38 emergency action plans, and state OSHA requirements. Covers lone worker definitions, risk assessments, communication procedures, check-in systems, prohibited activities, training requirements, and emergency response protocols.
Manual Handling Risk Assessment
Create a comprehensive Manual Handling Risk Assessment compliant with the OSHA General Duty Clause Section 5(a)(1), 29 CFR 1910.176, the NIOSH Revised Lifting Equation, and state ergonomic regulations. Covers task description, load assessment, environment factors, risk evaluation, control measures, and action plans.
Privacy Policy
Running a website or app that collects any user data — even just an email for a newsletter? You legally need a Privacy Policy. It's not optional; regulations like GDPR and CCPA require you to tell users what data you collect, why you collect it, and how you protect it. Without one, you risk fines and lost trust. Our free template helps you cover data collection practices, cookie usage, third-party sharing, user rights, and contact information. Fill in the details, preview your policy, and download it as PDF or Word — no account needed.
Return Policy Template
Running an online store or retail business without a clear return policy? That's a recipe for customer disputes and chargebacks. A well-written return policy template sets expectations from the start—covering what can be returned, the timeframe for returns, refund methods, restocking fees, and how exchanges work. Whether you sell physical products, digital goods, or services, customers want to know what happens if they're not satisfied. This template helps you create a professional policy that builds trust while protecting your bottom line. Covers return windows, condition requirements, shipping costs, and exceptions. Free PDF and Word download.
Social Media Policy
Create a comprehensive Social Media Policy compliant with NLRA §7 protected concerted activity, FTC Endorsement Guidelines (16 CFR Part 255), CFAA, state off-duty conduct laws, and Title VII anti-harassment requirements. Covers personal and company account guidelines, monitoring, confidentiality, disciplinary consequences, and approval process.
Terms of Service
Running a website, app, or online platform? Your Terms of Service is the rulebook for everyone who uses it. It sets the ground rules — acceptable use, account responsibilities, payment terms, intellectual property rights, limitation of liability, and how you handle disputes. Without clear terms, you're leaving yourself open to abuse and lawsuits. Every serious online business needs one, and ours covers the essentials for modern platforms. Our free template is easy to customize. Fill in your details, preview, and download as PDF or Word — no account needed.
Anti-Bribery and Corruption Policy (England & Wales)
Create a comprehensive Anti-Bribery and Corruption Policy for England and Wales, designed to constitute "adequate procedures" under section 7(2) of the Bribery Act 2010. This template covers the six MoJ principles: top-level commitment, risk assessment, proportionate procedures, due diligence, communication and training, and monitoring. Includes gifts and hospitality register threshold, facilitation payments prohibition, political and charitable donations rules, third party due diligence, whistleblowing procedures, investigation and sanctions, and record retention aligned to the Limitation Act 1980. Download as PDF or Word.
Data Protection Impact Assessment (DPIA) — UK GDPR (England & Wales)
Create a comprehensive Data Protection Impact Assessment (DPIA) fully compliant with UK GDPR Article 35, Article 36 prior consultation, and the Data Protection Act 2018 for England and Wales. This template covers all mandatory DPIA elements: systematic processing description (nature, scope, context, purpose), lawful basis under Article 6, special category Article 9(2) conditions, data subject categories, automated decision-making assessment under Article 22, third-party processor identification with Article 28 DPA status, international transfer mechanisms including UK IDTA, necessity and proportionality assessment, structured risk identification and assessment matrix, risk mitigation measures, residual risk evaluation, DPO consultation under Article 35(2), ICO prior consultation decision under Article 36, and formal approval with dual signatures. Suitable for processing activities involving new technologies, large-scale monitoring, profiling, biometric data, and other high-risk processing. Download as PDF or Word.
Data Retention Policy (UK)
Create a comprehensive Data Retention Policy for England and Wales that supports compliance with the UK GDPR storage limitation principle (Article 5(1)(e)) and the Data Protection Act 2018. This template covers all essential elements: organisation identification, policy scope, a detailed retention schedule by data category (employee records, payroll and PAYE, recruitment, health and safety, CCTV, customer records, contracts, and financial records), legal retention requirements under the Companies Act 2006, Income Tax (Earnings and Pensions) Act 2003, HMRC guidance, Limitation Act 1980, RIDDOR 2013, and COSHH Regulations 2002. Includes secure destruction procedures, legal hold provisions, review and audit obligations, responsibilities, and breach consequences. Download as PDF or Word.
Environmental Policy Statement (England & Wales)
Create a comprehensive Environmental Policy Statement for your business in England and Wales, compliant with the Environmental Protection Act 1990, Environment Act 2021, Climate Change Act 2008, Waste (England and Wales) Regulations 2011, ESOS Regulations 2014, and Companies Act 2006 Streamlined Energy and Carbon Reporting. Covers carbon reduction targets, waste management, water conservation, sustainable procurement, biodiversity, pollution prevention, and incident reporting. Fill in your company details, preview in real time, and download as PDF or Word.
Equality, Diversity and Inclusion Policy (UK)
Create a comprehensive Equality, Diversity and Inclusion (EDI) Policy for England and Wales, compliant with the Equality Act 2010. This template covers all nine protected characteristics, direct and indirect discrimination, harassment, victimisation, reasonable adjustments, recruitment commitments, training requirements, grievance procedures, monitoring and reporting, and disciplinary consequences for breaches. Suitable for private and public sector employers of all sizes. Fill in your organisation's details, preview in real time, and download as PDF or Word.
First Aid Policy (England & Wales)
Create a legally compliant First Aid Policy for your UK workplace under the Health and Safety (First-Aid) Regulations 1981 (SI 1981/917). This template covers your legal obligations under HSWA 1974 section 2, MHSW 1999, and the HSE Approved Code of Practice L74 — including first aider appointments, first aid kit locations, AED provision, emergency procedures, training requirements, RIDDOR reporting obligations, and record-keeping under the UK GDPR. Suitable for offices, factories, warehouses, construction sites, schools, and care homes across England and Wales. Fill in your workplace details and download as PDF or Word.
GDPR Data Breach Notification Form (England & Wales)
Create a comprehensive UK GDPR Data Breach Notification Form compliant with Articles 33 and 34 of the UK General Data Protection Regulation and Section 108 of the Data Protection Act 2018. This template covers mandatory ICO notification within the 72-hour window, data subject communication obligations, breach classification (confidentiality, integrity, availability), categories of personal data affected, scale assessment, risk evaluation, remediation measures, and cross-border supervisory authority notifications under the NIS Regulations 2018. Suitable for data controllers of all sizes operating in England and Wales. Download as PDF or Word.
Lone Worker Policy (England & Wales)
Create a legally compliant Lone Worker Policy for England and Wales. Covers employer duties under HSWA 1974 s.2(1), risk assessment obligations under MHSW Regulations 1999 reg.3, Corporate Manslaughter and Corporate Homicide Act 2007, RIDDOR 2013 incident reporting, check-in procedures, communication systems, training requirements, and prohibited lone working activities.
Modern Slavery Statement (England & Wales)
Create a Modern Slavery and Human Trafficking Statement compliant with section 54 of the Modern Slavery Act 2015 for England and Wales. Required for commercial organisations with annual turnover of £36 million or more. Covers organisational structure and supply chains, relevant policies, due diligence processes, risk assessment and high-risk areas, steps taken to address risks, staff training, and KPIs for measuring effectiveness. Signed by a director and approved by the board. Download as PDF or Word.
Employee Privacy Notice — UK GDPR (England & Wales)
Create a legally compliant Employee Privacy Notice for England and Wales that satisfies the mandatory transparency obligations under UK GDPR Articles 13 and 14 and the Data Protection Act 2018. This template covers all required disclosures: data controller identity, DPO contact details, categories of employee data collected, lawful basis for processing (including Article 6 and Article 9 conditions), special category data handling, data sharing with third parties, international transfer safeguards using the UK IDTA, retention periods aligned with HMRC and Employment Rights Act 1996 requirements, automated decision-making disclosure, full data subject rights, and the right to complain to the ICO. Compliant with the ICO Employment Practices Code. Download as PDF or Word.
Return & Refund Policy (UK)
Create a legally compliant UK Return & Refund Policy covering the Consumer Rights Act 2015, Consumer Contracts Regulations 2013, 14-day cooling-off period for online sales, 30-day right to reject faulty goods, repair/replace/refund rights, digital content, and non-returnable items. Suitable for UK online retailers, e-commerce stores, and physical shops.
Social Media Policy for Employees (England & Wales)
Create a comprehensive Social Media Policy for Employees compliant with the Data Protection Act 2018, UK GDPR, Employment Rights Act 1996, Equality Act 2010, Defamation Act 2013, Computer Misuse Act 1990, and ACAS guidance. This template covers personal and professional social media use, company account management, confidentiality, monitoring, data protection, anti-discrimination obligations, disciplinary consequences, and approval processes. Suitable for employers of all sizes in England and Wales. Fill in your company details, preview in real time, and download as PDF or Word.
Whistleblowing Policy (UK)
Create a comprehensive Whistleblowing Policy (Public Interest Disclosure Policy) for England and Wales, compliant with the Employment Rights Act 1996 Part IVA as inserted by the Public Interest Disclosure Act 1998. This template covers qualifying disclosures (criminal offences, legal obligation failures, health and safety dangers, environmental damage, miscarriages of justice, and deliberate concealment), internal and external reporting channels, prescribed persons under the Prescribed Persons Order 2014, confidentiality protections, the statutory right not to be subjected to detriment (s.47B ERA 1996), protection against automatic unfair dismissal (s.103A ERA 1996), investigation procedures, anonymous reporting, false allegations, and record-keeping. Suitable for private and public sector employers of all sizes. Fill in your organisation's details, preview in real time, and download as PDF or Word.
Whistleblower Policy
Create a comprehensive Whistleblower Policy compliant with the Sarbanes-Oxley Act Section 806, Dodd-Frank Act Section 922, and the False Claims Act. Covers designated compliance officers, confidential reporting channels, anonymous reporting, investigation procedures, anti-retaliation protections, SEC whistleblower program, and external regulatory agency reporting.
Workplace Safety Assessment
Create a comprehensive Workplace Safety Assessment compliant with the OSHA General Duty Clause Section 5(a)(1), 29 CFR 1910 (general industry), 29 CFR 1926 (construction), and ANSI/ASSP Z10. Covers hazard identification, risk evaluation, control measures, hierarchy of controls, and corrective action plans.