Treat CCTV as a governed evidence source, not a general archive.
Closed-Circuit Television (CCTV) footage can create General Data Protection Regulation (GDPR) risk when collection, access, retention, or release steps are not controlled. A practical workflow helps teams reduce unsafe disclosure, answer access requests, and avoid GDPR fines. The next sections turn CCTV GDPR compliance into an operating checklist.
Quick summary
Record why each CCTV camera exists before footage is collected.
Keep notices visible, plain, and tied to the stated purpose.
Limit access, retention, exports, and third-party disclosure.
Use redaction before release when footage includes other people or identifiers.
Check official GDPR and video-device guidance before changing your workflow.
Reader takeaways
Treat CCTV as a governed evidence source, not a general archive.
Build one workflow for purpose, signage, review, retention, and release.
Redaction supports safer disclosure when a clip contains unrelated people or identifiers.
Sighthound does not claim formal GDPR certification.
Start with a short written record for each camera group. Include the purpose, location, coverage area, footage owner, access roles, review cadence, and retention rule. Keep this record close to your incident, facilities, and privacy processes.
Use official sources as control points, not after-the-fact reading. Compare your workflow with the GDPR full text, then check the European Data Protection Board guidance on processing personal data through video devices before you expand coverage.
Use this operating checklist during camera reviews:
- Record the reason for each camera and review it before changes.
- Place visible notices and keep layered privacy information available.
- Reduce camera coverage to the stated purpose.
- Set a deletion rule and document exceptions.
- Assign named roles for viewing, exporting, and sharing clips.
- Redact unrelated people and identifiers before release.
- Create a search, review, redaction, and export workflow.
This checklist also helps your team explain why a camera is active. Use plain language. A facilities operator, privacy officer, and records custodian should all understand the same control.
For general camera governance, pair this checklist with video surveillance best practices. That guide can sit beside the privacy checklist as an operating reference.
Write down the purpose before a camera is installed or moved. The purpose should be specific enough to guide camera placement, access, retention, and release. Avoid broad wording that allows footage to drift into unrelated uses.
Next, make surveillance visible. Place signs where people can see them before entering monitored areas. Link those signs to fuller privacy information when space is limited. For small-business questions, compare your notice practice with the EDPB CCTV FAQ.
Limit the field of view to match the purpose. If a doorway camera exists to protect entry points, avoid collecting footage from unrelated desks, neighboring properties, or public areas that are not needed. If your CCTV review also handles plates, keep a reference for Automated License Plate Recognition (ALPR), Automatic Number Plate Recognition (ANPR), and License Plate Recognition (LPR). Sighthound’s ALPR, ANPR, and LPR terminology guide can sit in that reference list.
A Data Protection Impact Assessment (DPIA) is often the right place to test purpose, necessity, and proportionality before deployment changes. Use the DPIA review to ask whether a less intrusive camera angle, shorter retention rule, or tighter access model would meet the same operational need.
Retention should have a written rule. Set a default deletion period, then define when footage can be preserved for an incident, claim, complaint, or investigation. A short default rule is easier to enforce than a vague promise to delete footage later.
Access should follow named roles. Separate routine viewing from exporting, sharing, and administrator changes. Keep the number of people with export rights low. Your records process should show who reviewed footage, why they reviewed it, and what was released.
Use the United Kingdom Information Commissioner’s Office guidance on surveillance system data protection principles as a practical check on purpose limitation, data minimization, storage limitation, and security. Use the United States Department of Justice archive on video redaction best practices when building review steps for release.
Disclosure controls matter most when a clip contains bystanders, employees, visitors, vehicles, screens, documents, or IDs. If the release recipient only needs one incident, avoid handing over a broad unreviewed export. Redaction helps narrow the disclosure to what is needed.
A subject access request can involve searching CCTV footage, confirming whether the requester appears, reviewing the clip, protecting other people, and delivering an export. Build the workflow before a request arrives. That saves time during a deadline-driven review.
Use a clear intake form. Capture the requester’s name, contact details, date range, location, description, and any incident reference. Ask for enough detail to locate footage without turning the request process into a barrier.
Create a review path that separates search, privacy review, redaction, approval, and export. If your policy team needs a primer, use what video redaction means before writing the procedure.
Keep release decisions consistent. If a clip includes the requester and unrelated people, review whether those third parties should be obscured before disclosure. Your workflow should also cover audio, visible documents, screens, license plates, and identification documents.
Use a 2026 refresh as a controls review, not a copy edit of old privacy wording. Re-check every camera purpose, every notice, every user with export rights, and every place where footage leaves the organization. If a control no longer matches how the system is used, update the process before the next request or incident.
Build one shared release packet for privacy, security, and records teams. Include the request intake details, search notes, review decision, redaction notes, export approver, release date, and retention exception if the clip must be held longer. This gives your team a repeatable record when someone asks why footage was collected, kept, redacted, or shared.
Finally, test the workflow with a short sample clip. The test should prove that staff can find footage, review identifiers, apply redaction, approve export, and store the release record without inventing steps during a live request.
A practical subject access workflow can be short:
1. Open the CCTV clip and choose Auto Detect.
2. Select object types such as Heads, People, Vehicles, License Plates, IDs, Screens, or Documents.
3. Select Submit and review detections in the Object List / Objects list.
4. Add Custom Redaction where needed for missed areas or contextual identifiers.
5. Use Render & Export after your reviewer approves the release.
Review the Redactor features for product capabilities, then use the Redactor documentation when your team turns the workflow into a repeatable procedure.
Use Article 83 in the GDPR text as the reference point for administrative fine review. The article describes different fine ceilings, and the practical risk depends on the facts, the infringement, the organization, and the regulator’s assessment. The operational goal is simple: keep evidence that shows why cameras exist, who can use footage, how long it stays, and how releases are reviewed.
Important note
Do not treat a redaction tool as a compliance certificate. Sighthound does not claim formal GDPR certification. Redactor is tooling; compliance is the customer's responsibility, and Sighthound content is informational and not legal advice.
Reference links
CCTV footage can fall within GDPR review when it relates to identifiable people. Use the GDPR text and video-device guidance to check purpose, notice, minimization, retention, access, and release controls.
Redaction can obscure unrelated people, license plates, IDs, documents, screens, or other identifiers before a clip is released. Redactor detects Heads, People, Vehicles, License Plates, IDs, Screens, and Documents in video and image.
No. Redactor detects heads, not faces, and it does not identify individuals.
Yes. Redactor runs fully offline and supports air-gapped deployment; no internet access is required for processing.
Sighthound does not claim formal GDPR certification. Redactor is tooling; compliance is the customer's responsibility, and Sighthound content is informational and not legal advice.
Published on: