Data Protection Policies & Procedures
We can work with you to develop and document your data protection policies and procedures, or to review existing ones to ensure consistency with your GDPR and other data protection obligations. Typical areas covered include:
- Top-level Data Protection policy
- Data Protection incident handling procedure and log
- Data Subject Access Request handling procedure and log
- Standard Data Protection Impact Assessment template
- Records of data processing activities
- Standard procedure for engaging Data Processors
- Personal Data Retention and Destruction Policy, including Retention Periods matrix
- Procedures and standards for securing and encrypting Personal Data
- Direct Marketing policies, if applicable
