Your GDPR Checklist so far

 

We have covered quite a lot in our GDPR series so far. You would be quite forgiven for feeling a little overwhelmed at everything which needs to be accomplished in order to be compliant with the legislation! In order to help you kick start the process and feel confident that you’re up to speed, we have broken down the required tasks into a series of simple steps:


visual separator

 

checkboxFigure out whether you’re a controller or a processor (perhaps you are both!)

checkboxOutline the personal data you process and/or control

checkboxList anyone who processes your customers’ data – ensure that they comply with GDPR

checkboxDo you need consent or can you rely on legitimate interest for processing that data?
! Remember that you need to ask this question for each separate process !

  • If you require consent, how will you acquire it in a compliant manner? E.g. tick box or another type of affirmative action
  • How will you record consent?
  • Create/refine your process for an individual to withdraw consent


checkboxDo you require all the data you collect? If not pare it back

checkboxHow long do you need to store data for? What do you do when that time expires? Write a document (known as a retention policy) outlining to your customers what you do – e.g. anonymise/delete their data etc.

  • Make a list of all the personal data types you store
  • Where do you hold this data?
  • Define the storage period for each
  • Implement your policy & add it to your privacy policy


checkboxIs your data stored securely? If not, put the means in motion to ensure your data is secure

checkboxCreate a privacy policy

  • Your business’s contact details
  • Reasons for collecting and using personal data
  • Any 3rd parties that you work with and what information you pass to them
  • Details of your retention periods
  • Your customers’ rights (including right to withdraw consent and right to lodge a complaint)


visual separator

 

I hope you find this checklist useful. If you have any questions about the points I've raised, or want a more in-depth chat about all things web, please

 
get in touch


At Mercurytide we believe in making the best bespoke web applications from a truly fantastic e-commerce, web design to bespoke business software. We create solutions that add value to your business. Our GDPR Consultancy could provide your business with the tools it needs to be compliant in time. 

 

Read more about the GDPR

PREVIOUS: Legitimate Interests

NEXT: 


www.mercurytide.co.uk would like to store information (cookies) on your computer. By continuing to use this site, you consent to this.
More info