Your employer must inform you of:
the identity of the data controller and any data protection officer
the purpose of processing the data and the relevant legal basis
the source and category of any data that you did not provide yourself
who will receive the data (department or roll)
how long your employer intends to keep the data - for example, 3 years after the end of your employment
your rights under GDPR
whether the data is to be transferred out of the EU, the legal basis for this and the safeguards in place
whether your employer uses any automated decision making or profiling