Free Tool
GDPR Readiness Assessment
Evaluate your organisation’s GDPR compliance across data handling, consent management, subject rights, breach response, and governance. Get a compliance score with prioritised remediation steps.
Your GDPR Controls
Lawful Basis & Consent
Data Subject Rights
Data Protection
Breach Management
Governance
GDPR Key Requirements Summary
| Requirement | GDPR Article | Key Obligation |
|---|---|---|
| Lawful Basis for Processing | Article 6 | Must have a valid legal basis (consent, contract, legal obligation, etc.) for all data processing |
| Consent | Article 7 | Consent must be freely given, specific, informed, unambiguous, and easy to withdraw |
| Right of Access | Article 15 | Individuals can request a copy of their personal data, responded to within 30 days |
| Right to Erasure | Article 17 | Individuals can request deletion of their data when no longer necessary |
| Data Protection by Design | Article 25 | Privacy must be built into systems and processes from the start |
| Record of Processing | Article 30 | Maintain written records of all processing activities |
| Data Breach Notification | Article 33 | Notify the ICO within 72 hours of becoming aware of a qualifying breach |
| Data Protection Impact Assessment | Article 35 | Conduct DPIAs for processing likely to result in high risk to individuals |
| Data Protection Officer | Article 37 | Appoint a DPO where core activities involve large-scale monitoring or special category data |
| International Transfers | Article 46 | Appropriate safeguards required for transfers outside the UK |
Based on the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018. This is not legal advice. Contact Cloudswitched for IT compliance support or consult a data protection specialist for legal guidance.
More Free Tools
Try our other free security assessments and IT planning tools.