Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice


When you request to download our free implementation guide, we use your name, company name (which is optional) and your email address to email you a link to download the requested document. We may also email you after your download in order to follow up on your interest in our products and services. We will do this based on our legitimate interest in marketing to prospects for our products and services. Your name and email address are stored on our website which is hosted with Digital Ocean. Your personal data is stored for one year after you requested your download, after which it is deleted.

Reveal Menu

GDPR Toolkit Version 4 – The Final Push



As May 25th draws ever closer we thought we thought you might appreciate a Toolkit update that addresses many of the requests we’ve had since V3. This release is intended to bolster key areas, such as Controller and Processor, Privacy Notices and Accountability/Security, whilst providing a bit more definition in others, such as Personal Data Analysis.

Controller and Processor

So, in a nutshell, what’s new? Well, we’ve added some documents which may help to communicate with your customers and suppliers about GDPR and confirm whether everybody is ready. These include a GDPR Readiness Statement, a GDPR Letter to Processors and a GDPR Readiness Checklist which together should save you time in responding to others, whilst helping to give some of your processors that nudge they need in the right direction.

We’ve also added a draft Data Processing Agreement which fits in with the policy we introduced in V3 and may help to get the right form of contractual words in place with your processors in a shorter time.

Ten New Policies

Many people are starting to realise that understanding your personal data is only half the battle and that the controls involved in protecting it are a whole subject in themselves. To help with this, we’ve added no less than ten information security-related policies to the Toolkit, including a Mobile Device Policy, an Access Control Policy, a Network Security Policy and a Cloud Computing Policy.

Better Awareness Training

In the area of Breach Management we’ve included a Breach Notification Letter to Data Subjects in case you’re unlucky enough to need that, and in GDPR Roles, Awareness and Training, there’s now a GDPR Awareness Training Presentation that may help to communicate all your good work on GDPR throughout the organisation.

Simpler Personal Data Analysis

We’ve tidied up the area of Personal Data Analysis and focussed on a single spreadsheet tool, the renamed Personal Data Analysis Form, with the other spreadsheets being gracefully retired due to customer confusion about how the tools related to each other. Hopefully this will make the process of understanding your personal data slicker and more meaningful.

More Privacy Policies and Notices

In the Privacy Policy and Notices folder, we’ve renamed the main policy to simply Data Protection Policy to better reflect its internal focus and introduced a template Website Privacy Policy to supplement the existing Privacy Notices in the Toolkit. We’re still big fans of Just in Time Privacy Notices, but we recognise that having a single coherent Privacy Policy on a website can also pay dividends. We’ve created some example Privacy Notices in the areas of Employment and Website Enquiry to show what these could look like.

The Privacy Notice Planning Form has been split into two, one for where the data is collected from the data subject, and the other for where it is obtained from another source.

Thanks Again

We continue to get great feedback about the GDPR Toolkit and thanks to everybody who gave us a positive review at

Good luck with your GDPR work in the run up to 25 May and keep the enhancement suggestions coming.

Best Regards

The CertiKit Team

Over 3000 businesses have purchased our toolkits


Great library of documents that helped tremendously in the development of our respective systems. The organization and hierarchy of the documents were easy to follow.

GC&E Systems Group, Inc. USA

View all Testimonials