This GDPR New Business package is offered to provide resources and documents needed as a starting point in their GDPR journey.

The Start-up Package includes:

• Data Mapping Resources: to assist developing Records of Processing Activities (RoPAs)
• Suite of Policies and Procedures: Organisational Data Protection Policy and related Data Subject Access Request, Data Breach Notification, and Erasure and Rectification Procedures
• Draft Website Privacy and Cookie Notices: Compliant sample Privacy and Cookie Notices that can be adapted for your business

Additional information can be found in my blog posts https://rmdkconsultancy.ie/news/

Disclaimer: The documents are suitable for sole-traders or small businesses engaging in low risk personal data processing who do not require a DPO.

Special Offer

• Sample GDPR Compliant Privacy Notice
• Sample GDPR Compliant Cookie Notice

These Sample Privacy and Cookie Notices are examples of compliant policies that can be tailored into bespoke and accurate notices for your website. They are in Microsoft Word format with comments and notes included so that you can edit them to make them relevant to your own business and website functioning as well as for ease of uploading onto your website.

Please note: These sample documents are written for websites whose purposes are communication and eCommerce, who do not as a core practice transfer personal data outside the EEA and who do not require a DPO. These are sample documents only and should not be used in their current format. You must review and develop your policies in line with your own business and website personal data processing. You also must ensure that you have the correct mechanism in place to manage Cookie Consent options on your website.

These policy and procedure templates are suitable for organisations with low-risk data processing and who do not require a DPO. They are designed to set out the compliance requirements of GDPR in straightforward and manageable way. The documents can be edited to suit your business and come with accompanying templates for monitoring your data protection processes.

Disclaimer: The documents below are template documents suitable for sole-traders or small businesses engaging in low risk personal data processing who do not require a DPO.

This document will form the basis of a review of the personal data processing on your website as well as the use of any cookies that are set. This document forms that basis for developing bespoke and accurate notices for your website.

• Website and Cookie review Document
• Sample GDPR Compliant Privacy Notice
• Sample GDPR Compliant Cookie Notice
• Template for Auditing Cookies

A data processor is any organisation or body that processes personal data at your request and on your behalf. It is a legal requirement to have a Data Processor Agreement with any Third Parties who are processing personal data on your instruction.

A thorough Due Diligence process before engaging a Data Processor enables you to understand areas of liability and how these will be dealt with by both parties, as well as defining and clearly articulating each parties’ responsibilities. The document below forms part of a thorough due diligence assessment process.

Third Party Due Diligence Assessment

• Data Processor Agreement
• Risk, Data Protection and GDPR

• Powerpoint slides: Overview of Data Protection Commission Cookie Guidance April 2020
• Do I need a Data Protection Officer (DPO)?
• EADPP Covid 19, Data Protection and Contact Tracing