How do I comply with GDPR when storing CCTV footage?

Under GDPR, CCTV footage that identifies individuals is considered personal data. This means your business is responsible for storing, using, and protecting it lawfully.

To comply, you must:

Display clear signage informing people they are being recorded
Store footage securely and restrict access to authorised personnel
Only keep footage for as long as necessary (typically 30 days unless required for an investigation)
Ensure footage is encrypted and protected from unauthorised access
Provide access to individuals who request to see their recorded data

At Edmondson’s, our CCTV systems are fully GDPR-compliant, offering encrypted storage, password protection, and role-based access controls. We can also advise on secure retention policies and remote viewing settings.

Updated on October 29, 2025

Microsoft 365

Phones and Internet

General IT Support

Backups and Security

WordPress

The End of Windows 10

How To Protect Yourself From Scam Emails

Cyber Security Concerns

Comparing Different Website Platforms

Apple vs Android

How to Find Out What Operating System my PC Uses and Upgrade it

Dose Your Device Need Upgrading Before the Windows 10 Switch-Off

Cyber Security & Data Protection

Telecoms & VoIP

Common IT Support Questions

Common Questions You Might Have About Your PC

Cleaning Up Storage & Improving Your PC's Performance

How do I comply with GDPR when storing CCTV footage?

How can we help you?