Select Page

GDPR Toolkit

Implement GDPR easily with our step-by-step toolkit

What’s in your GDPR Toolkit?

Full of useful, practical steps. Delivered online. Easy-to-follow.

10 Step Guide

An easy-to-follow 10-step guide to implement GDPR


Self-Assessment Quiz

Answer the questions to understand your current state

Data Inventory

Create an inventory of existing Data Processing Activities


Gap Analysis

Identify your existing gaps to GDPR compliance


Risk Assessment

Define each risk as Low, Medium, High and quantify effort required to fix


Action Plan

Use the template to allocate tasks to business owners



Sample templates for you to adapt to your Privacy Policies


Sample templates for you to use internally


Forms for types of Subject Access Requests

Breach Reporting

Forms for dealing with Data Breaches


A template to help you complete a Data Protection Impact Assessment

Compliance Score

After you’ve completed the steps, get your GDPR Compliance Score

Policy Templates included in your GDPR Toolkit

All the mandatory policies you need to be compliant

Personal Data Protection Policy
The purpose of this policy is to set out the arrangements that apply to the management of data protection and to affirm our commitment to protect the privacy rights of individuals in accordance with GDPR.
Privacy Notice
The EU General Data Protection Regulation (GDPR) includes rules on giving privacy information to data subjects in Articles 12, 13 and 14. This example Privacy Notice can be adapted to your organisation.
Data Retention Policy
A data retention policy is an organisation’s established protocol for retaining information for operational or regulatory compliance needs.
Data Subject Consent Form
This document is used to obtain from the data subjects the consent for processing personal data for a specific purpose.
Parental Consent Form
This policy should be used to obtain consent from the parent / legal guardian / representative of a minor to process personal data for a specific purpose.
Supplier Data Processing Agreement
This template that can be used to establish the limits and conditions under which a supplier (processor) can process personal data on behalf of company (controller).
Employee Personal Data Protection Policy
This Policy should set out the principles you will follow in relation to personal data you hold about your employees.
Employee Privacy Notice
As an employer you will be required to provide employees by way of a privacy notice. This example Employee Privacy Notice can be adapted to your organisation.
Data Retention Schedule
This Schedule defines the retention period of each type of data, according to the rules set in your Data Retention Policy.
Data Subject Consent Withdrawal Form
This is a form used by the data subjects to withdraw their consent for processing personal data.
Parental Consent Withdrawal Form
This policy should is to enable the parent / legal guardian / representative of a minor to withdraw the consent from processing personal data for a specific purpose.
Breach Reporting Procedure
An example form that your organisation can adapt to your needs, if required. It will help employees report suspected breaches and ensure you have a record of the breach from the start

Contact us.

We'll reply within 1 working day.


  • This field is for validation purposes and should be left unchanged.

I understand that my personal data is being processed in accordance with the privacy notice and accept the terms and conditions of use.

  • No products in the cart.