The Law Society of Scotland has released an example data protection policy that is in line with GDPR requirements. See here (https://www.lawscot.org.uk/members/business-support/gdpr-general-data-protection-regulation/gdpr-guide/appendix-2-example-of-a-data-protection-policy/) for the link.
The GDPR aims to harmonise data protection laws across all 28 EU member states, this example from the Law Society of Scotland is a good example of what a good data protection policy should look like.
If you would like a bespoke GDPR privacy policy or help with drafting one, please get in contact with Lawdit.