Build your own GDPR compliance programme with free expert templates
Get access to a growing library of data privacy compliance templates that will allow you to build your own programme and help fulfil your documentation requirements.
Available now
GDPR documentation requirements guide
An overview of the documents mentioned in UK GDPR. What they are, the legal basis for preparing them and who should prepare them.
GDPR legitimate interests assessment
A template to assist you in making a legitimate interests assessment.
Coming soon
UK GDPR & EU GDPR privacy policy
A complete privacy policy template that will cover your website and general needs. This policy is written to cover UK GDPR and EU GDPR.
Tags: UK GDPR,EU GDPR
GDPR, PECR & ePrivacy cookie policy
A robust cookie policy designed to meet the standards of PECR and the ePrivacy directive. This comprehensive policy includes optional disclosures for analytics and advertising cookies.
Tags: UK GDPR, EU GDPR, PECR, ePrivacy
Cookie audit template
Make sure you do cookie audits correctly with our helpful template. This document will help you go from raw data about the cookies used on your website or app to a complete list, ready to be pasted into your cookie policy.
Tags: PECR, ePrivacy
Data protection impact assessment (DPIA)
A DPIA helps you identify and minimise the data protection risks of a project. Under GDPR you must do a DPIA for processing that is likely to result in a high risk to individuals. It is also good practice to do a DPIA for any other major project which requires the processing of personal data.
Tags: UK GDPR, EU GDPR
Data flow map
A data flow map helps you fully understand what data you collect, where you collect it from, where and how you process it and where you transfer or share this data. Completing this document helps you fulfil your obligations under the accountability principle.
Tags: UK GDPR,EU GDPR
Restricted transfers audit
This document helps you analyse the risks of any restricted data transfers that you carry out. And to determine which legal mechanism is required. Most companies will make the use of some form of restricted transfer.
Tags: UK GDPR, EU GDPR
Restricted transfers log
This document helps you keep track of your restricted transfers and helps you keep any documentation relating to your chosen legal mechanism, for example SCCs in order. Using this document can help you set appropriate review periods.
Tags: UK GDPR, EU GDPR
Data security checklist
This security checklist will help to consider some procedures you should have in place to protect the personal data you hold. The checklist includes physical and digital methods of protecting personal data.
Tags: UK GDPR, EU GDPR
Direct marketing – email checklist
This checklist can serve as a pre-flight check for email marketing campaigns. It can help you make sure that you are following the direct marketing rules set out in the PECR and ePrivacy directive.
Tags: PECR, ePrivacy
Direct marketing – phone checklist
This checklist can serve as a pre-flight check for phone marketing campaigns. It can help you make sure that you are following the direct marketing rules set out in the PECR and ePrivacy directive.
Tags: PECR, ePrivacy
Direct marketing – SMS checklist
This checklist can serve as a pre-flight check for SMS marketing campaigns. It can help you make sure that you are following the direct marketing rules set out in the PECR and ePrivacy directive.
Tags: PECR, ePrivacy
Direct marketing – third party list checklist
This checklist can help you evaluate whether your use of third party marketing lists fulfils your legal requirements under the GDPR and PECR.
Tags: PECR, ePrivacy
