GRI 418: Customer Privacy 2016 sets out reporting requirements on the topic of customer privacy. This Standard can be used by an organization of any size, type, sector or geographic location that wants to report on its impacts related to this topic.


In the context of the GRI Standards, the social dimension of sustainability concerns an organization’s impacts on the social systems within which it operates.

GRI 418 addresses the topic of customer privacy, including losses of customer data and breaches of customer privacy. These can result from non-compliance with existing laws, regulations and/or other voluntary standards regarding the protection of customer privacy.

These concepts are covered in key instruments of the Organisation for Economic Co-operation and Development: see the References section of this Standard.

The disclosures in this Standard can provide information about an organization’s impacts related to customer privacy, and how it manages them.


Effective date: 1 July 2018



GRI 418: Customer Privacy

1. Management approach disclosures
2. Topic-specific disclosures

Disclosure 418-1 Substantiated complaints regarding concerning breaches of customer privacy and losses of customer data






Please see the GRI Standards translation page for available translations of the Standards, or to find out more about the upcoming translation schedule and how to get involved.

Related Standards

This Standard is to be used together with the most recent versions of the following documents.