01244 300413 support@lhgroup.co 08:30 - 19:00


GDPR Tool Kit for Businesses


  • GDPR Toolkit for Businesses

    Why do I need a toolkit?

    If you are used to reading the law and putting it into practice you might not need our toolkit.

    Some people can read about the legal obligations placed on businesses by the GDPR and understand immediately what they need to do to make their business compliant. Some don’t have the time or resources to get up to speed when it comes to interpreting the law – that’s who our toolkit has been designed for.

    Most toolkit buyers know that their customers and suppliers will become increasingly aware of what compliance means in respect of the security of their information and their privacy protection. They want to get it right.

    It’s for business owners who need a few pointers to avoid putting in a lot of work and then finding that they’ve got it wrong.

Product Description

What’s in the toolkit?

First of all, 11 short videos to explain the different elements of GDPR, so that you’ll be able to understand what you’re doing and why.

The Introduction Video explains what personal data is.

Video 1 will tell you about compiling the Data Inventory using an audit and why it’s important that you complete it before you try to do anything else.

Video 2 explains the 2nd stage of the audit, using the results of Stage 1. It will enable you to separate the data you hold which useful from that which has no use at all.

Video 3 will make you aware of the different legal permissions applicable to data processing. It’s most likely that your business will rely on a combination of individual Consent and Legitimate Interest, but we’ve included the others (in less detail) so that you’re aware of them and why they’re less likely to apply to your business.

Video 4 delves deeper into Legitimate Interest because businesses relying on this legal permission need to be aware of what it can be applied to and what it can’t.

Video 5 explains how data can be securely erased so that your records don’t resurface to bite you on the bum.

Video 6 examines why you need to match data access to specific job roles in order to maintain GDPR compliance and how that can be achieved.

Video 7 looks at the levels of technical protection appropriate to the quantity and types of personal data you process. There’s no reason to pay for protection features that you don’t need and will never use properly.

Video 8 introduces the impact GDPR will have on your HR processes, including how you handle information received from job applicants and other people who don’t work for you but whose information you will hold.

Video 9 deals with your privacy policy – what needs to be in it and why, who it needs to be made available to and why it must be aligned with the ways you process personal data.

Video 10 highlights the pitfalls that you’ll want to avoid when conducting marketing.


Privacy Policy – the essential information you must make available to everyone whose personal information you collect.

Individual Rights Form – to be provided to anyone who wishes to exercise any of their data rights, such as to examine the information you hold about them, have you amend your records if they are incorrect and so on. Using the form ensures that you obtain the correct identifying information to prevent you from releasing personal data to the wrong person.

Data Sharing Pack – contains a checklist and clarification email when establishing data-sharing procedures.

Consent Guidelines – suggested terms to use when obtaining consent to use personal data for specific purposes.

Staff Training Record – GDPR requires a training record to be maintained for everyone in a business with responsibility for processing personal data in any form. This record must be retained as proof that training has taken place, the nature of the training and also the impact of the training in terms of effectiveness (either by a written statement by the person providing the training or the retention of quiz/questionnaire results).

Employee Privacy Policy – you will hold personal data about your employees and use it in a number of ways that are beyond the scope of what you do with client and supplier personal data. It’s essential that the information about how and why you use that data is made available to your employees.

Data Processing Agreement – to define, when dealing with suppliers, what personal data will be processed, for what purpose and the methods of processing necessary to achieve that purpose.

Cookie Policy – to make available on your website.

Data Breach Record – to enable you to properly maintain records of data breaches.

Data Breach Checklist – designed to help you to identify whether a data breach is reportable (to the ICO).  

Update Information Service – because the new data laws are likely to develop over time, we will keep you up to date on changes that are likely to affect your business for 12 months after the date of purchase.

How Does it Work?

The cost for a business with 30 or fewer people is £299 ex VAT  Once you have ordered we prepare your download area and send it to you with your receipted invoice. On receipt you are sent a link with the documents and instructions for use. You can access support via email only using support@lhgroup.co


Share this:


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.

WordPress Theme built by Shufflehound. © The LH Group (a Dog Media Limited Company) 2008 -2018 All rights reserved.