Welcome to your GDPR questionnaire


Policy and Governance

Is GDPR non-compliance a concern to your company?

1 out of 17

Have you put policies and procedures in place to mitigate risks to personal data?

2 out of 17

Do policies and procedures set clear responsibilities for handling of personal data?

3 out of 17

Do you provide data protection awareness training for all staff?

4 out of 17

Do you have a designated Data Protection Officer?

5 out of 17

Does anyone outside your business have access to your data?

6 out of 17

Do you have a process in place for data breach reporting?

7 out of 17

Business Processes & data

Do you seek direct consent for use of the data from those that you hold data on?

8 out of 17

For each piece of personal information you hold, do you record the purpose for which it was obtained?

9 out of 17

Do you have a process for correcting inaccurate records, deleting records or suspending the processing of records?

10 out of 17

Do you have mechanisms in place which make it as easy for the data subject to remove consent for data processing and do you ensure it is as easy to remove consent as it was for them to give it?

11 out of 17

Systems and Technology

Has your business established an information security policy supported by appropriate security measures ?

12 out of 17

Are you certain that your data is secure?

13 out of 17

Is your data accurate and up to date?

14 out of 17

Do you have a data protection or data privacy statement compliant with the requirements of the General Data Protection Regulation (GDPR)?

15 out of 17

Do you have documented data retention periods and do these cover contractual and legal requirements?

16 out of 17

Do you have a security framework in place?

17 out of 17

Please click submit to continue.