This page is updated regularly. If you find a link that doesn’t work please let us know.

The legislation

The GDPR in full – this is a marked up, easy to use version of the regulations with good search functionality.

UK Data Protection Bill. Note: each EU member state will have its own data protection legislation based on GDPR.

Getting Started

Here are some guides that provide a good overview of GDPR and how it may affect you and your customers.

The UK Information Commissioner’s Office has a number of authoritative and readable guides, including:

If your company is not UK based, you find your national data protection authority here (PDF).

Our free assessment tools

Tried, tested and fully annotated assessment and planning tools for data controllers and data processors based on ICO guidance. Use these tools for a quick self assessment or in-depth planning.

Assessment tool for data controllers

Assessment tool for data processors

Unsure whether you are a data controller, data processor or both?

  • A controller determines the purposes and means of processing personal data. For example: HR data, data about your customers.
  • A processor is responsible for processing personal data on behalf of a controller. For example: if you offer a service that manages payroll for other companies.

Read more on data controllers and processors.

If you’re uncertain what the results mean, how you’d make changes or have any questions email: