Policies and Procedures

Under the regulation there is a requirement to document and evidence your organisation compliance with the GDRP. IDPAA can support your organisation through the creation and implementation of the following policy’s.

With all policies and procedures, provided we operate a knowledge transfer process so as your policy is being developed, we also provide clear guidance and understanding of your obligations to each policy:

• Data Protection Policy

• Fair Notice of Processing- Privacy Statements and Cookie Statements (Website)

• Breach Notification Policy & Procedures

• Data Subject Access Policy & Procedures

• Data Retention Policy & Procedures

• Data Deletion Policy & Procedures

• Data Security Policy Digital & Physical

• CCTV Policy & Procedures

• BYOD Policy & Procedures

• Data Transfer Agreements

• Controller/Processor Agreements

• Processor Audit Documentation (supply and review)

• Personal Data Inventory Documentation & Guidance

• Legitimate Interest Assessments (including supporting documentation & guidance)

• Model Contracts

• Guidance on Employee Handbook (Data Protection Updates)

• Data Protection Impact Assessment- Documentation & Guidance