This page is updated regularly. If you find a link that doesn’t work please let us know.
The GDPR in full – this is a marked up, easy to use version of the regulations with good search functionality.
UK Data Protection Bill. Note: each EU member state will have its own data protection legislation based on GDPR.
Here are some guides that provide a good overview of GDPR and how it may affect you and your customers.
The UK Information Commissioner’s Office has a number of authoritative and readable guides, including:
- Guide to the General Data Protection Regulation
- Electronic Mail Marketing Guide
- GDPR FAQ for Charities
- Lawful Basis for Consent
If your company is not UK based, you find your national data protection authority here (PDF).
Our free assessment tools
Tried, tested and fully annotated assessment and planning tools for data controllers and data processors based on ICO guidance. Use these tools for a quick self assessment or in-depth planning.
Unsure whether you are a data controller, data processor or both?
- A controller determines the purposes and means of processing personal data. For example: HR data, data about your customers.
- A processor is responsible for processing personal data on behalf of a controller. For example: if you offer a service that manages payroll for other companies.
If you’re uncertain what the results mean, how you’d make changes or have any questions email: firstname.lastname@example.org.