Full GDPR Compliance Tracking
To maintain GDPR compliance
The GDPR Tracker will guide you through the following:
This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.
The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This could include chronologically ordered sets of manual records containing personal data.
Personal data that has been pseudonymised – eg key-coded – can fall within the scope of the GDPR depending on how difficult it is to attribute the pseudonym to a particular individual.
This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.
The GDPR applies to both automated personal data and to manual filing systems where personal data are accessible according to specific criteria. This could include chronologically ordered sets of manual records containing personal data.
Personal data that has been pseudonymised – eg key-coded – can fall within the scope of the GDPR depending on how difficult it is to attribute the pseudonym to a particular individual.
The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual.
- processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
- direct marketing (including profiling); and
- processing for purposes of scientific/historical research and statistics.
If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, you must also inform those individuals without undue delay.
You should ensure you have robust breach detection, investigation and internal reporting procedures in place. This will facilitate decision-making about whether or not you need to notify the relevant supervisory authority and the affected individuals.
You must also keep a record of any personal data breaches, regardless of whether you are required to notify.
DPIAs can be an integral part of taking a privacy by design approach.
The GDPR sets out the circumstances in which a DPIA must be carried out.
These restrictions are in place to ensure that the level of protection of individuals afforded by the GDPR is not undermined.
GDPR Templates & Policies Included
We have a selection of ready to use GDPR templates and policies to show how your small business is GDPR complaint.


GDPR Compliance Report
Once you’ve put all the correct measures in place and documented through the GDPR Tracker, you’ll be able to download a report detailing the steps taken if a request were made asking what steps were taken or if an issue were to arise.
Keep this up to date and you’ll be able to provide a real time update on your GDPR compliance to anyone that requests it.
Stay GDPR Compliant
Specific tasks to manage ongoing GDPR compliance.
Create tasks with your own dates and reminders to manage ongoing GDPR compliance.
Full audit trail available on tasks completed.
Suggested tasks are also available to help manage ongoing GDPR compliance including updates on the GDPR regulation.
Manage GDPR in a single place
Take a look at all the GDPR features in action including managing SAR Requests, Conducting a DPIA, managing Risks, Issues & Breaches & Data mapping.
Unlimited GDPR Support
All GDPR Tracker users will have access to our GDPR Support Facebook Group (Closed) where you can get support from our GDPR consultants.