In order for our site to work, small files called ‘cookies’ have been placed on your device. These mandatory cookies do not process any personal data.
We would also like to use analytics cookies to understand how our site is used by visitors and then use this information to improve our site and the experience of using our site. The service we use is Google Analytics.
Please indicate whether or not you are happy to allow the use of these analytics cookies by selecting one of the options below. You can read more about our cookies before you choose and read our Privacy Notice to find out more information on how we use your personal data
Everyone has to start somewhere. If you are new to this area or think it would be useful for your organisation to get back to basics, work through our step-by-step guide to your obligations to get you on the right track. This is not designed to be a comprehensive list, but simply a starting point.
If you are a controller and need some help navigating your legal duties, taking the time to go through these controller templates will help to support your data protection compliance programme. It will also support the duties you have under the law to maintain records of your processing activities.
If you are a processor and need some help navigating your legal duties, taking the time to go through these processor templates will help to support your data protection compliance programme. It will also support the duties you have under the law to work with any controller you are contracted with.
Data Protection Impact Assessments (DPIAs) are a really important compliance tool when you are embarking on new processing or making changes to existing processes. In some cases it will a legal requirement. Find out more here.
We have produced some basic templates to help you document your processing activities. There is a Data Audit (often referred to as a Data Inventory) template for controllers to complete and a different template for processors.
Please also read our general guidance on how to carry out a data audit.