The short version
- Yes, it's legal to email UK payslips — the law (Employment Rights Act 1996 s.8) requires an itemised pay statement, not a specific format.
- UK GDPR adds one requirement: 'appropriate security'. In practice that means password-protect the PDF or send it through a secure channel.
- Three real options: in-software email (Sage/Xero/BrightPay), manual one-by-one, or an automated tool. Pick by how many employees you send to.
Is it legal to email payslips in the UK?
Yes. UK law requires every employer to give every worker an itemised pay statement on or before payday. That requirement comes from section 8 of the Employment Rights Act 1996. The law specifies what the statement must show — gross pay, deductions, net pay, hours where relevant — but it is silent on the format. Paper, email attachment, and employee self-service portals are all acceptable delivery methods.
What the law does not let you do is skip the itemised statement, send it late, or omit the required line items. If you email a payslip that meets those rules, you are compliant with employment law. UK GDPR adds a separate security layer on top — covered in the next section.
The right to an itemised pay statement was extended in April 2019 by the Employment Rights Act 1996 (Itemised Pay Statement) (Amendment) Order 2018. That amendment added two things: workers (not just employees) are entitled to a statement, and where pay varies with hours worked, the number of hours has to appear on the payslip itself.
Enforcement runs through the employment tribunal. Section 11 of the Employment Rights Act 1996 lets a worker apply to the tribunal if they haven't received an itemised pay statement or if a statement is incomplete. The tribunal can order the employer to provide the missing information and, in some cases, refund unnotified deductions. The format the statement arrives in — paper, PDF, portal — doesn't change any of that.
What does the law actually require?
Two laws apply in parallel: the Employment Rights Act 1996 (the pay-statement content) and UK GDPR + the Data Protection Act 2018 (the security around personal data on that statement).
Employment Rights Act 1996 s.8 — every itemised pay statement must show:
- Gross pay (the total before deductions).
- Variable deductions (Income Tax, National Insurance, pension, student loan) with the amount and the purpose of each.
- Fixed deductions, either itemised on the payslip or in a separate standing statement.
- Net pay (the actual take-home).
- Where pay varies with hours worked: the total hours of variable-rate work.
UK GDPR Article 32 — 'appropriate security'. Payslips contain personal data (name, salary, NI number, sometimes home address). The Information Commissioner's Office (ICO) doesn't mandate a specific technical control, but it expects employers to apply controls proportionate to the risk. For payslip email delivery that typically means one of:
- A password-protected PDF where the password is unique to the recipient.
- Delivery through a secure portal the employee logs into.
- A managed-email service that encrypts the message in transit and at rest.
Article 32 frames "appropriate" by reference to four factors: the state of the art, the cost of implementation, the nature and scope of the processing, and the risk to the data subject's rights. For routine payslip delivery to a verified personal email address, the ICO has signalled in its 2020 employment-practices guidance that a password-protected PDF or an authenticated portal both clear the bar. Plain, unencrypted email attachments to a personal address sit at the edge — defensible for a single employee who has explicitly consented to that channel, hard to defend for a bulk send.
The Data Protection Act 2018 complements UK GDPR by setting out the UK-specific exemptions and the ICO's enforcement powers. Neither law names "payslip" specifically; they apply to the personal data on it (name, salary, deductions, NI number, sometimes home address). The more sensitive the data, the higher the bar. A payslip carrying salary plus NI number plus DOB is a richer dataset than, say, a meeting invite, which is why most UK employers do password-protect.
For most UK small businesses the password-protected PDF route meets the bar with the least friction.
How to send a payslip by email — step by step
These steps work for any UK small business that already has PDF payslips from their payroll software (BrightPay, Sage, Xero, QuickBooks, Moneysoft, or an accountant). Whichever route you take, the legal and security rules below apply equally — the difference is how much of the work the tool does for you.
Step 1: Generate the PDF in your payroll software
Run payroll as you normally would and export each employee's payslip as a PDF. Every major UK payroll product produces PDF payslips out of the box — BrightPay, Sage 50, Sage Business Cloud, Xero, QuickBooks, IRIS, Moneysoft, and most accountancy bureaus' systems. If your software emits a different file type (some older bureaus produce TXT or RTF), most modern PDF printers can convert in one click. Save the PDFs somewhere quick to find on the next step — a single folder per pay run is the cleanest convention.
Step 2: Decide on protection — password, portal, or managed delivery
For a small employer the simplest UK-GDPR-friendly choice is a password-protected PDF where the password is unique to each employee (date of birth in DDMMYYYY format is the most common UK convention — so 15 March 1990 becomes the password `15031990`). Per-employee passwords mean a single forwarded email never compromises more than one recipient. If you'd rather not handle passwords yourself, a managed service or an employee portal both achieve the same outcome; the trade-off is convenience vs. infrastructure cost.
Step 3: Confirm the recipient's email address
Use the personal email address the employee gave you when they joined. Avoid sending to a work address unless the employee has explicitly consented — work mailboxes are often accessible to IT, to line managers, and to whoever inherits the role after a leaver. If a new starter only supplied a work address, capture a personal address as part of onboarding and record their preference in writing. Mistyped email addresses are a leading cause of misdelivery, so double-check the domain on the first send.
Step 4: Send the email with the payslip attached
Body copy should identify the pay period (e.g. 'Your payslip for April 2026') and tell the employee how to open it (the password convention if you've protected it). Keep the subject line specific and consistent month-to-month so the email is easy to find in a search later. Send on or before payday — Section 8 of the Employment Rights Act 1996 requires the statement to land at the same time pay does, not after. Avoid attaching multiple employees' payslips to a single email.
Step 5: Keep an audit trail of when and where each payslip went
Save a send-log: which payslip, to which address, at what timestamp, and whether the message was delivered. HMRC requires PAYE records to be kept for at least three years after the tax year they relate to, and an employment tribunal can ask for evidence going back further. If a payslip is ever disputed — by the employee, by HMRC, or by a tribunal — that log is your evidence the statement was issued on time. A dedicated tool keeps this automatically; if you're sending manually, a spreadsheet works.
Should I password-protect payslip PDFs?
For most UK small businesses, yes. UK GDPR's 'appropriate security' standard doesn't prescribe a control, but a password-protected PDF is the simplest way to meet it — and it's the control the ICO has signposted as a reasonable baseline for routine personal-data attachments.
The common UK convention is to use the recipient's date of birth in DDMMYYYY format (so 15 March 1990 becomes `15031990`). Every employee already knows their own date of birth, and the password is unique per recipient. Anyone the email is forwarded to — accidentally or otherwise — would need that date of birth to open the file.
What to avoid:
- A single password used for every employee. Treated by the ICO as insufficient — one leak compromises every payslip.
- The employee's name, employee ID, or NI number as the password. These are too discoverable.
- No protection at all on a personal email address. Defensible only when the rest of the delivery channel is provably secure (e.g. internal mail relay with TLS-only enforcement).
For a step-by-step walkthrough — applying the password in Acrobat, Word or Preview, what employees type to open the file, and protecting a whole payroll at once — see how to password-protect a payslip.
What about employees without an email address?
Paper payslips are still legal. If an employee doesn't have an email address — or asks for paper as a reasonable adjustment under the Equality Act 2010 (for example a visual impairment that makes PDFs hard to use) — print and hand over (or post) the payslip on or before payday.
For a mixed workforce (some on email, some on paper) the practical pattern is: ask each employee at onboarding which channel they prefer, record that preference, and stick to it. Posted payslips should go in sealed envelopes; an open-format payslip lost in transit is a UK GDPR personal-data breach in the same way a misdirected email is.
If an employee changes their preference later, capture the change in writing (an email reply is fine) and update your record. The choice belongs to the employee, not the employer.
Bulk-sending: manual vs automated
Three real options. Pick by how many payslips you send.
Option 1 — In-payroll email feature. Sage, Xero, BrightPay, QuickBooks, and IRIS all have built-in email-payslips features. Fine for a small headcount, but each tool ties you to its own delivery quirks. Sage 50 sends from a shared bureau address by default; BrightPay Desktop needs per-employee email setup before the feature works; some Xero plans cap the per-batch size. None of them password-protect the PDF unless you configure it explicitly, and the audit trail lives inside the payroll tool — not always easy to extract for HMRC requests.
Option 2 — Manual one-by-one. Open Gmail/Outlook, attach the PDF, type the email, send. Repeat. Works for 1–5 employees; gets tedious at 10+ and error-prone at 25+. The two failure modes are misdelivery (sending Alice's PDF to Bob's address) and attachment-name leaks (a PDF named `Smith_J_April_2026.pdf` reveals the recipient if the email is forwarded). Neither is fatal at small scale — both compound as the workforce grows.
Option 3 — Automated tools. A dedicated tool ingests the PDF batch, matches each one to the right employee, password-protects automatically, and sends them in bulk with a full audit log. Ghugi is one example — drag in the PDFs, hit send. There are also portal-based alternatives (employees log in to download) — different shape, different fit. When evaluating, look for: per-employee password support, send-log retention, custom-domain support so the email comes from your business address (not a vendor's), and a clear data-residency story for UK employers. See our comparisons for an honest side-by-side.
Common mistakes
- Wrong recipient. Sending Alice's payslip to Bob is a UK GDPR personal-data breach, reportable to the ICO within 72 hours if the data crosses the harm threshold. Any sending tool should match each PDF to the right person before the send button is enabled.
- No audit trail. If you can't show when a payslip was sent and to which address, you can't prove compliance with the on-or-before-payday rule.
- Shared password across all payslips. Compromises every recipient at once. Use per-employee passwords.
- Sending to a work address without consent. Work mailboxes are often shared or accessible to IT — sending personal pay information there without explicit employee consent is risky.
- Late delivery. The statement must arrive on or before payday. A payslip that lands a day late is technically a breach of the Employment Rights Act 1996 s.8.
- Old branding on the email template. After a company rename, payslip emails often still carry the old logo or sign-off until someone notices. That is confusing for employees and a soft data leak (the old entity name lingers on a current-tax-year document). Re-check the email template after any branding change.
- No delivery monitoring. Sending the email isn't proof the employee received it. If a personal Gmail address is full, gets bounced as spam, or no longer exists, the payslip is undelivered and Section 8 of the Employment Rights Act 1996 isn't satisfied. Either use a tool that reports bounces back to you, or check a delivery confirmation periodically.
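A pre-send check and send-log row covering the mistakes listed above and the audit trail from Step 5, as an added example that is not part of the original article or of any payroll product. The field names (`employee_id`, `work_address_consent` and the rest), the `work_domains` parameter and the sample batch are assumptions made for illustration.

```python
import hashlib
from collections import Counter
from datetime import datetime, timezone

def preflight(batch, work_domains=()):
    """Return a list of (employee_id, problem); send only when it is empty."""
    problems = []
    # A repeated address suggests one PDF was matched to the wrong person.
    addr_counts = Counter(item["email"].lower() for item in batch)
    # A repeated password means one leak opens more than one payslip
    # (also catches two employees who happen to share a date of birth).
    pw_counts = Counter(item["password"] for item in batch)
    for item in batch:
        who, addr = item["employee_id"], item["email"].lower()
        domain = addr.rpartition("@")[2]
        if addr_counts[addr] > 1:
            problems.append((who, "address used for more than one payslip"))
        if pw_counts[item["password"]] > 1:
            problems.append((who, "password shared with another employee"))
        discoverable = {item["name"].lower(), who.lower(), item["ni_number"].lower()}
        if item["password"].lower() in discoverable:
            problems.append((who, "password is name, employee ID or NI number"))
        if domain in work_domains and not item.get("work_address_consent"):
            problems.append((who, "work address without recorded consent"))
    return problems

def log_entry(item, pdf_bytes, delivered, when=None):
    """One send-log row: which payslip, which address, when, delivered or not."""
    when = when or datetime.now(timezone.utc)
    return {
        "employee_id": item["employee_id"],
        "pay_period": item["pay_period"],
        "pdf_sha256": hashlib.sha256(pdf_bytes).hexdigest(),  # identifies the exact file sent
        "email": item["email"].lower(),
        "sent_at_utc": when.isoformat(timespec="seconds"),
        "delivered": delivered,
    }

# Constructed sample batch (not real people, NI numbers or addresses).
SAMPLE = [
    {"employee_id": "E001", "name": "Alice Example", "ni_number": "QQ123456C",
     "email": "alice@example.org", "password": "15031990", "pay_period": "2026-04"},
    {"employee_id": "E002", "name": "Bob Example", "ni_number": "QQ654321A",
     "email": "bob@corp.example", "password": "15031990", "pay_period": "2026-04"},
]

if __name__ == "__main__":
    for problem in preflight(SAMPLE, work_domains={"corp.example"}):
        print(problem)
```

The log row stores a hash of the PDF, not the PDF or its password, so the send-log itself does not become a second copy of the pay data.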
Frequently asked questions
Can I send payslips by email in the UK?
Yes. UK law requires an itemised pay statement on or before payday but doesn't mandate a format. Email, paper, and self-service portals are all legal delivery methods provided the security around the payslip is proportionate to the data (UK GDPR Article 32).
Is it legal to email payslips without password protection?
It can be, but UK GDPR's 'appropriate security' standard expects controls proportionate to the risk. For payslips that contain salary, National Insurance number and home address, a password-protected PDF (one password per employee) is the standard low-friction control most UK small businesses apply.
Can I email a payslip to an employee who has left?
Yes. You'll usually be sending their final payslip and possibly a P45 — the same delivery rules apply. Send to the personal email address they've supplied. If they haven't given one, fall back to paper at their last known address.
How do I send a P60 by email?
The same way as a payslip — your payroll software produces the P60 as a PDF, you email it to the employee's personal address by 31 May, ideally password-protected. Ghugi treats P60s as 'just another PDF batch' — the delivery mechanics are identical to monthly payslips.
What should the email body say?
Identify the pay period (e.g. 'Your April 2026 payslip is attached'), tell the employee how to open the file (the password convention), and give them a way to reach you with questions. Keep it short — the payslip is the message.
Do I need the employee's consent to email payslips?
There's no explicit legal requirement to capture consent for email delivery, but in practice you should ask each new starter for the email address they want their payslips sent to and record their preference. That gives you a clean answer if anyone later challenges the delivery channel.