6 February 2018

The Only GDPR Checklists You Need

Richard Hancock
Written by Richard Hancock

Richard Hancock is Regional Director for The Marketing Centre and specialises in working with small and mid-size businesses. He has over 30 years experience working across the FMCG, Digital Entertainment, Technology & Telecoms industries, both in the UK & overseas.


Whether it’s an overload, a glut or a smog, there’s little doubt that the impending arrival of the General Data Protection Regulation (GDPR) has unleashed a huge amount of activity over the past few months.

Consultancies, lawyers, IT experts, cybersecurity firms, marketing consultants and more have all built offerings around it, and the result has been a mish mash of conflicting information with barely concealed sales messages and very little practical advice.

However, out of all that information (over 5 million Google results and counting) there are only two actionable checklists you need to get GDPR ready.


In its own words, the Independent Commissioner’s Office is “the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.” They have no commercial skin in the game, and they have two in-depth checklists: one for data controllers, one for data processors.

Data controllers determine the purposes and means of processing personal data. If that sounds like you, follow this checklist here.

Data processors are responsible for processing personal data on behalf of a controller. If that’s you, follow this checklist.


The Direct Marketing Association offers lobbying, events, research, and development for direct marketing in the UK. While the ICO’s checklist focuses heavily on general data, the DMA, unsurprisingly, has a marketing focus.

This means looking at:

  • Legitimate interests
  • Consent
  • Information provisions
  • Third party data
  • Profiling
  • Legacy data

To ensure your marketing efforts are in line with the latest legislation, follow this checklist here.

And that really is it. No fluff, no nonsense, simply a list of actionable GDPR advice.


The GDPR Guide for B2B Business


Picture credit: https://www.flickr.com/photos/flamephoenix1991/8376267144


Ready to take
your marketing seriously?

Since 2010, we’ve helped business owners make sense of marketing.
To make smarter decisions and make the most of their investment.

So if you’re tired of switching from one thing to the next hoping one will stick, maybe it’s time to try a different approach.