Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice


When you request to download our free implementation guide, we use your name, company name (which is optional) and your email address to email you a link to download the requested document. We may also email you after your download in order to follow up on your interest in our products and services. We will do this based on our legitimate interest in marketing to prospects for our products and services. Your name and email address are stored on our website which is hosted with Digital Ocean. Your personal data is stored for one year after you requested your download, after which it is deleted.

Reveal Menu

GDPR Toolkit: We're going live with version five

The GDPR was big news last year, with organisations across the EU battling to get their systems in order before the deadline of May 25.

The General Data Protection Regulation is the biggest change to data protection laws in more than two decades, affecting everyone living in the EU. It aims to give people more control over how their personal data is handled.

CertiKit’s GDPR Toolkit has proved to be our best-seller, with sales to 79 countries and principalities, including all 28 in the EU (29 including Gibraltar) and 50 outside.

From international powerhouses such as the US and Germany to tiny island states such as the Caymans and Curaçao, our GDPR Toolkit is proving popular.

Now we have launched our fifth version, which includes some important updates, such as new documents, slides and posters.

This is the first update since the GDPR came law, and some of the updates have been made in response to customer feedback.

Here are the updates in V5:

CCTV Policy

The addition of a CCTV policy was the result of customer feedback. The policy sets out what organisations can and can’t do with closed circuit TV systems.

In collecting and using video (and possibly audio) data, organisations are subject to a variety of legislation, including the GDPR, which control how such activities may be carried out and the safeguards that must be put in place to protect the recorded information.

The policy sets out the rules which must be followed when installing and dealing with CCTV so that responsibilities are met and the usefulness of the recorded data is maximised.

Sub-Processor Agreement

This form is a starting point for an agreement between a processor and a sub-processor to cover the requirements of the GDPR.

It covers the obligations and rights of the processor, and the obligations of the sub-processor as well as covering duration and applicable law.

Example: Data Protection Impact Assessment

This completed form gives the example of the impact on employees of a human resources system which is to be replaced.

The new system will record additional information about employees, including biometric data such as fingerprints. It will also cover areas such as sickness, which the previous system did not cover, and so will hold health-related data.

The form records all this information, along with dates and the details of those responsible for the assessment.

Posters: For Front-of-House and Behind-the-Scenes


Next, we have included two posters. The first (green) poster is aimed at your data subjects and the second (blue) at your employees. So if we take the example of a dentist’s surgery, you might want to pin the first poster in the waiting area and the second in the staff room.

Both posters include editable form fields in which to add your own short message – possibly one with an email address or telephone number.

Information Security Awareness Training

Finally, two slides have been added to this Powerpoint presentation. These address the relevant laws outside the EU and the UK.

The first looks at the law in the USA, referring to ten pieces of legislation such as the Homeland Security Act, the Patriot Act and the Gramm-Leach-Bliley Act.

The second lists the relevant laws in India, Malaysia, Thailand, Singapore, Canada, Australia, New Zealand and South Africa.

Thank You!

We always strive to listen to the feedback from our customers, and to take their suggestions on board when making updates to any of our toolkits. If you have any suggestions to make, please get in touch. You can also leave a review here.

To buy the updated CertiKit GDPR ToolKit, click here.

Over 3000 businesses have purchased our toolkits


We're a small company (170 employees) and we don't have the time to "re-create the wheel", nor the budget to hire a consultant. This toolkit gives us the recipe and the ingredients to put together a business continuity system.

Vice President
Altek Electronics

View all Testimonials