Not ready to engage a consultant yet? These practitioner-grade resources give you a structured starting point for your GDPR compliance journey — and when you are ready to accelerate, we will be here.
Take the Free GDPR Readiness Assessment →
Checklists
- GDPR Article 30 Record of Processing Activities (RoPA) Template — Document every processing activity, lawful basis, and data category you handle.
- Data Subject Rights Response Checklist — Step-by-step workflow for handling access, erasure, and portability requests within the 30-day deadline.
- Vendor Due Diligence Checklist — Assess third-party processors before signing a Data Processing Agreement.
- Breach Notification Checklist — Determine notifiability, document the incident, and notify the supervisory authority within 72 hours.
Templates
- Privacy Notice Template (GDPR-Compliant) — Covers all Article 13 and 14 disclosure requirements in plain English.
- Data Processing Agreement (DPA) Template — Article 28-compliant DPA for use with sub-processors.
- Legitimate Interests Assessment (LIA) Template — Three-part balancing test with worked examples.
- DPIA Screening Questionnaire — Determine whether a full Data Protection Impact Assessment is required before launching a new product or processing activity.
Guides
- GDPR for Startups: The 90-Day Baseline — Prioritised action plan for companies processing personal data for the first time.
- Lawful Basis Decision Tree — Choose the right legal basis for each processing activity without a lawyer on retainer.
- International Data Transfers After Schrems II — How to use SCCs, Transfer Impact Assessments, and adequacy decisions compliantly.
- Cookie Consent: What Actually Works — Practical implementation guide aligned with ePrivacy and GDPR requirements.
- Preparing for a Supervisory Authority Inquiry — What regulators look for, what documents to have ready, and how to respond.
Need Expert Help?
If you have worked through these resources and need a structured, managed path to compliance, explore our GDPR Readiness Roadmap or Implementation Sprint — or book a free 30-minute consultation with one of our GDPR specialists.