Checklists and Tables
Make sure you are on track with GDPR compliance by using these useful checklists and tables.
Data Audit Questionnaire
This is your starting point. You need to understand what personal data you hold, its source, what you need it for, how you store it and who you send it to. Armed with this information you are then in a better position to evaluate your key risks and next steps. Click here to download.
GDPR Compliance Checklist
This is intended to help you organise your project team and highlight the key issues you need to think about. Click here to download.
Data Protection Network
This website has a useful guidance document on legitimate business interests. Click here to find out more.
ICO Direct Marketing Checklist
The ICO has published a very helpful checklist, which provides a simple way of measuring your current compliance and how to send marketing without breaking the rules. Recital 47 of the GDPR says direct marketing is a legitimate use of personal information, which is true. It is important to remember however, that other rules also apply, for example the Privacy and Electronic Communication Regulations 2003 (PECR). PECR restricts the circumstances in which you can market people and other organisations by phone, text, email or other electronic means. Click here for more information.
Suggested consent wording
For direct marketing (under DPA). Click here to download.
Retention Analysis Table
A starting point to help you think about the categories of personal data you hold and how long you need it for. You will need to devise the right retention plan for your own business. This is not something that a template can be provided for. Click here to download.