Welcome to your GDPR questionnaire

Contact details: Name, Email, Company, Phone

Policy and Governance

1. Is GDPR non-compliance a concern to your company? (Yes / No)
2. Have you put policies and procedures in place to mitigate risks to personal data? (Yes / No)
3. Do policies and procedures set clear responsibilities for handling of personal data? (Yes / No / I don't know)
4. Do you provide data protection awareness training for all staff? (Yes / No)
5. Do you have a designated Data Protection Officer? (Yes / No / I don't know if I need one)
6. Does anyone outside your business have access to your data? (Yes / No / Not sure)
7. Do you have a process in place for data breach reporting? (Yes / No)

Business Processes & data

8. Do you seek direct consent for use of the data from those that you hold data on? (Yes / No / Not Applicable)
9. For each piece of personal information you hold, do you record the purpose for which it was obtained? (Yes / No)
10. Do you have a process for correcting inaccurate records, deleting records or suspending the processing of records? (Yes / No)
11. Do you have mechanisms in place which make it as easy for the data subject to remove consent for data processing and do you ensure it is as easy to remove consent as it was for them to give it? (Yes / No)

Systems and Technology

12. Has your business established an information security policy supported by appropriate security measures? (Yes / No / I don't know)
13. Are you certain that your data is secure? (Yes / No)
14. Is your data accurate and up to date? (Yes / No)
15. Do you have a data protection or data privacy statement compliant with the requirements of the General Data Protection Regulation (GDPR)? (Yes / No)
16. Do you have documented data retention periods and do these cover contractual and legal requirements? (Yes / No)
17. Do you have a security framework in place? (Yes / No)