GDPR Toolkit

Implement GDPR easily with our step-by-step toolkit

What’s included

What’s in your GDPR Toolkit?

Full of useful, practical steps. Delivered online. Easy-to-follow.



10 Step Guide

An easy-to-follow 10-step guide to implement GDPR

Self-Assessment Quiz

Answer the questions to understand your current state



Data Inventory

Create an inventory of existing Data Processing Activities

Gap Analysis

Identify your existing gaps to GDPR compliance

Risk Assessment

Define each risk as Low, Medium, High and quantify effort required to fix

Action Plan

Use the template to allocate tasks to business owners

Policies

Sample templates for you to adapt to your Privacy Policies



Procedures

Sample templates for you to use internally



Forms

Forms for types of Subject Access Requests



Breach Reporting

Forms for dealing with Data Breaches



DPIA

A template to help you complete a Data Protection Impact Assessment



Compliance Score

After you’ve completed the steps, get your GDPR Compliance Score

Policy Templates included in your GDPR Toolkit

All the mandatory policies you need to be compliant

Personal Data Protection Policy

The purpose of this policy is to set out the arrangements that apply to the management of data protection and to affirm our commitment to protect the privacy rights of individuals in accordance with GDPR.

Privacy Notice

The EU General Data Protection Regulation (GDPR) includes rules on giving privacy information to data subjects in Articles 12, 13 and 14. This example Privacy Notice can be adapted to your organisation.

Data Retention Policy

A data retention policy is an organisation’s established protocol for retaining information for operational or regulatory compliance needs.

Data Subject Consent Form

This document is used to obtain from the data subjects the consent for processing personal data for a specific purpose.

Parental Consent Form

This policy should be used to obtain consent from the parent / legal guardian / representative of a minor to process personal data for a specific purpose.

Supplier Data Processing Agreement

This template that can be used to establish the limits and conditions under which a supplier (processor) can process personal data on behalf of company (controller).

Employee Personal Data Protection Policy

This Policy should set out the principles you will follow in relation to personal data you hold about your employees.

Employee Privacy Notice

As an employer you will be required to provide employees by way of a privacy notice. This example Employee Privacy Notice can be adapted to your organisation.

Data Retention Schedule

This Schedule defines the retention period of each type of data, according to the rules set in your Data Retention Policy.

Data Subject Consent Withdrawal Form

This is a form used by the data subjects to withdraw their consent for processing personal data.

Parental Consent Withdrawal Form

This policy should is to enable the parent / legal guardian / representative of a minor to withdraw the consent from processing personal data for a specific purpose.

Breach Reporting Procedure

An example form that your organisation can adapt to your needs, if required. It will help employees report suspected breaches and ensure you have a record of the breach from the start

Contact us.

One of our team will give you any details you need in person, by phone or by e-Mail. Whichever suits you.

Enquiry

I understand that my personal data is being processed in accordance with the privacy notice and accept the terms and conditions of use.