ICO Workplace Monitoring 2026: What Your Field Service GPS App Must Do to Stay Compliant
Field Service

ICO Workplace Monitoring 2026: What Your Field Service GPS App Must Do to Stay Compliant

April 30, 2026 ยท 3 min

The ICO updated its workplace monitoring guidance in 2026. The changes hit field service companies directly. If you use an app to track where your workers are, ICO GPS monitoring rules now demand three things you probably do not have: a documented DPIA, a specific privacy notice, and proof that GPS is proportionate.

ICO GPS monitoring: what changed

The ICO made three things explicit. First, GPS tracking must be proportionate. You cannot just say “we need it for the business.” You must prove that less intrusive methods would not work. A phone call, a check-in text, a time sheet, if any of these could achieve the same goal, your GPS tracking is disproportionate.

Second, every employee needs a clear privacy notice before you switch the tracking on. Not a generic data protection policy buried in the employment contract. A specific notice that says: we track your GPS location, here is why, here is how long we keep the data, here is who sees it.

Third, you need a Data Protection Impact Assessment. GPS tracking of employees almost always creates a high privacy risk. The DPIA documents that risk and shows what you did to reduce it. No DPIA means no compliance. Full stop.

Company vehicles vs personal devices

For company vehicles, you have stronger legal ground. Legitimate interest usually applies, the company owns the vehicle and has a right to know where it is. But tracking must stop when the shift ends. A company van parked in your employee driveway at 10pm is not your business.

For personal devices, the rules are tighter. You need explicit consent. The employee must be able to withdraw that consent at any time, without fear of consequences. “Consent” that cannot be withdrawn is not consent at all.

Try GeoTapp free for 14 days

No credit card required. Get started in 2 minutes.

Start free trial

Can GPS data be used in disciplinaries?

Yes, but only if the tracking was lawful from the start. Recent UK tribunal cases confirm this. If you cannot demonstrate compliance with UK GDPR, proper notice, lawful basis, proportionality, the GPS evidence may be thrown out. Worse, you may face a counter-claim for privacy violation. The tool you used to catch misconduct becomes the weapon used against you.

What to do right now

Pull up your current GPS setup and check it against this list. Do you have a documented DPIA? Have employees received a specific privacy notice about GPS? Does tracking stop outside working hours? Can employees see their own location data? If any answer is no, you have a gap. And the ICO can come knocking.

GeoTapp was built with UK GDPR compliance from day one: tracking only during work hours, built-in privacy notices, employee data access, DPIA documentation support. Try it free, 14 days, no credit card.

Picture the next ICO letter landing on a Tuesday morning, and your DPIA, privacy notice and access log are already on the desk before the lawyer calls back.

Set up ICO-ready GPS in one real week. Fourteen days, no card.

No credit card, up and running in 2 minutes.

Open your trial

Get articles like this in your inbox

Practical insights on GPS tracking, field operations and GDPR. No spam, just useful content.

Comments

No comments yet. Be the first.

Leave a comment

Related articles

Read also

Try GeoTapp free for 14 days

No credit card required. Get started in 2 minutes.

Start now

ยฉ 2026 GeoTapp โ€” original content. You may quote it and reuse parts with a link to this page. Full republication or commercial use only with our permission.