Free GDPR Compliance Templates to Help with Article 30 Record-Keeping
We've written 3 Free GDPR Compliance Templates for you to download here and start using right away. They're a great stepping-stone if you want to use our software too...
They're designed to help you capture a snapshot of all the personal data you process and document where and what you store, and who else processes the data on your behalf.
Template 1 - Free GDPR Data Compliance Data Storage Template
This spreadsheet will allow you to list and describe all the places you store personal data in your business. This includes devices and software, including online / cloud storage locations.
The template gives you a structure to list what is stored on each device / software product or service. It also challenges you to describe the data security you have in place in each instance. You can also store the third party details of organisations you use to process data, like Google and Sage.
Template 2 - Free GDPR Data Profiling Template
This spreadsheet will allow you to profile and document the types of Personal Data you store and use in your business.
It prompts you to document whose data you have, why you have it and what are the lawful bases for processing that data. It also records the categories of personal data you use in your business. It also allows you to record your data retention position for each type of data you process.
Template 3 - Free GDPR Data Processors Template
This spreadsheet will help you identify all the third party organisations that process data on your behalf.
This includes organisations that provide you with business services; like email, accounting, websites, ecommerce and so on. Anyone who you share the Personal Data in your business with can be recorded and profiled, recording whether they are GDPR compliant along with contact details in case you need to engage their help with handling a Data Breach or a Subject Access Request.
If you'd like to take this record-keeping further, then do sign up for our software. In addition to the record-keeping that it provides, it also has a process management system for handling Data Breaches and Subject Access Requests. You can read more about moving on from Spreadsheets for DPA18 / GDPR Compliance here.
Subscribe to our
Weekly GDPR Newsletter.
It's full of really useful updates
for UK small businesses.
Another Large Fine From ICO For Email Marketing Without Consent
Boost Finance Ltd, trading as findmeafuneralplan.com, was behind 4,396,780 emails that were sent from January to September 2017. The emails were sent to people who had subscribed to websites operated by BFL’s affiliates, but who had not given thei... click to read more