Before undertaking our Data protection assurance self assessment checklists, you should first determine whether you process personal data as a “controller” or “processor”. The definition of these two terms can be found in our Guide to the GDPR.
In some instances, you will process personal information as both a controller and a processor. When this is the case, we would advise you complete both checklists.
Designed to help you, as a controller, assess your high level compliance with data protection legislation. Includes the rights of individuals, handling requests for personal data, consent, data breaches, and data protection impact assessments under the General Data Protection Regulations.