Your complaints procedure needs to be live in a few weeks.

Q: Does Rowpa cost money?

Free tier is forever free. Paid plans start at £49/month.

From 19 June 2026 every UK organisation must offer a data protection complaints procedure. We wrote a plain-English template you can adopt this afternoon. Free.

Get the free template Try Rowpa free, 14 days

UK GDPREU GDPREU hosted

What the Data (Use and Access) Act actually requires

UK GDPR has always given people the right to complain. The Data (Use and Access) Act, in force from 19 June 2026, makes the process mandatory. Every organisation has to:

Provide a complaint form that can be completed electronically and by other reasonable means.
Acknowledge each complaint within 30 days.
Take appropriate steps to resolve it without undue delay.
Inform the complainant of progress and the outcome.
Keep records of what they did and why.
Update their privacy notice to explain all of the above.

There is no SME exemption. If you process personal data, this applies to you. The deadline is firm.

Get the template that does the work for you

We put together a complaints procedure template designed for small UK businesses. It is the same structure we generate inside Rowpa. You can use it standalone, no Rowpa account needed.

The complaints procedure document

Word and PDF. Adopt it, name your accountable person, you are most of the way there.

A complaint intake form

Ready to put on your website or send by email.

A complaint log template

Track each case from receipt to resolution.

A privacy policy snippet

Two lines to add to your existing notice.

A 5-minute checklist

So you know nothing is missing.

Send me one follow-up email with notes on actually rolling this out. I can unsubscribe in one click.

We will not share your address. We use it to send the template, one follow-up note, and nothing else. See our privacy policy.

Or skip the manual step. Let Rowpa generate yours.

The template is fine. Filling in the template, customising it for your business, keeping it aligned with your privacy policy, and tracking complaints when they come in is the bit that takes time.

Rowpa handles all of that:

Generates your complaints procedure with your business details, your accountable person, your sectors, your sub-processors.
Updates your privacy policy automatically so the wording matches.
Gives you a public URL where complainants can submit a request.
Tracks each complaint: deadlines, status, audit trail.
Stays current with ICO guidance changes (we monitor daily).

Try Rowpa free. 14 days of everything, then free forever.

EU hosted (Frankfurt). No model training on your data. Magic link auth.

Honest scope

This template is right for you if:

You are a UK business of any size.
You currently have no data protection complaints procedure, or one that pre-dates DUAA.
You can spend 30 to 60 minutes adopting a template into your own ops.

This template is not right for you if:

You are already fully compliant with the DUAA changes.
You are in a regulated sector with bespoke complaint rules (FCA-regulated firms, NHS providers).
You need legal advice. We are a tool, not a law firm.

Common questions

Does this affect my business if I have under 250 staff?

Yes. The under-250 ROPA exemption is unrelated. The complaints procedure rule applies to every UK organisation that processes personal data.

What if I already have a 'contact us' page?

Not enough. The DUAA requires a documented procedure with deadlines, audit trail, and explicit reference in your privacy notice.

Is this legal advice?

No. This is a template grounded in ICO published guidance. For unusual situations or for sign-off, talk to a solicitor.

Can I edit the template?

Yes. It is yours once you download it. Most businesses change at most three or four lines.

Does Rowpa cost money?

Free tier is forever free. Paid plans start at £49/month if you need the full ROPA, vendor DPA register, and DSR workflow. The complaints procedure builder works on the free tier.

Where is my data stored if I sign up to Rowpa?

EU (Frankfurt). Encrypted at rest and in transit. We do not train AI on your data.

What happens after I submit my email?

You get the template by email within a minute. Three days later we send one short note about adoption. That is it. You can unsubscribe with one click in either email.

31 days. One afternoon of work.

This is one of the most clear-cut compliance changes the UK has had in years. The deadline is real. The fix is small. Get the template, adopt it this week, mark it off the list.

Get the free template

Build your full GDPR setup with Rowpa: 14 days free