01

Communicating privacy information

Review your privacy notices and put a plan in place for making any necessary changes in time for GDPR implementation.

02

Individuals’ rights

Check your procedures to ensure they cover all the rights individuals have, including how you would delete personal data or provide data electronically.

03

Consent

Review how you seek, record and manage consent and whether you need to make any changes.

04

Data breaches

You should make sure you have the right procedures in place to detect, report and investigate a personal data breach.

05

International

If your organisation operates in more than one EU member state, you should determine your lead data protection supervisory authority.