I have subsidiary companies based in the EU and UK and our HQ is in Asia, plus several other subsidiary companies in other countries. We are implementing the GDPR now. My question is, do we keep different versions of the GDPR documents (1 for each subsidiary) or should we only maintain 1 main copy that covers all the subsidiaries?
This is mostly up to you. You can have a set of documents for each of the subsidiaries if there are differences between them. For example, the employee privacy notice will be relevant only for the employees in the EU.
If everything is the same, you can have a set of documents applicable to all companies within your group. In this case, you will need to add a paragraph to mention the applicability across the whole group.