Data subject request toolkit
- UK GDPR compliant
- Helps you comply with the law
- Contains all the documents you need
This data subject request toolkit guides you through the process of dealing with data subject requests (individuals' requests for access to, changing or deletion of their personal data).
This toolkit contains a how-to guide as well as a pack of 22 relevant documents to cover various types of requests.
The template documents you will receive in this toolkit include:
- policies and forms for dealing with data subject requests;
- letters for acknowledging receipt of a data subject request, verifying the person's identity and asking for further details;
- letters to give you extensions of time to respond;
- letters for responding to the request and explaining what further action you will take (such as correction or deletion of the data);
- letters for supplying data in response to portability requests;
and more.
By using this data subject request toolkit, you will comply with your legal obligations for dealing with data subject requests.
This minimises the risk of someone making a complaint against you or you being penalised by the ICO. Having efficient and proper data protection processes in place also helps to protect customer data, ensure good customer relationships and maintain your business's reputation.
Q&A
When should I use this toolkit?
This toolkit is a useful addition to your company policies and documentation at any time, as it provides all of the policies, letters and forms you need to respond to data subject requests as and when you receive them.
You must comply with certain legal requirements and deadlines when responding to data subject requests, or you risk being penalised by the ICO. Your business's reputation and customer relationships could also suffer if you do not follow the proper processes.
What does this toolkit cover?
This data subject request toolkit provides easy to follow guidance, and accompanying template documents, for each step of dealing with a data subject access request.
These steps include:
- Having in place the right policies and forms;
- Preliminary steps before responding to a request;
- Dealing with requests to provide, correct, delete or amend personal data;
- Dealing with portability requests.
You will receive a how-to guide which explains how to use all 22 template documents included in this pack.
Why do I need this toolkit?
This toolkit is essential for helping you to respond to data subject requests in a timely and legally compliant way.
You can use the templates in this toolkit to ensure that your business has the proper policies and procedures in place to respond to data subject requests, and to deal with data subject requests efficiently.
Where can I find out more?
You can find out more about responding to data subject access requests Individuals' access to personal data.
Documents in Toolkit
Data subject request policy- Data transfer request form
- How-to guide: Data subject request toolkit
- Letter acknowledging receipt of data subject request (and requesting verification of ID)
- Letter asking for further information about a data subject request
- Letter confirming no data held in response to data subject request
- Letter confirming that data has been corrected
- Letter confirming that data has been deleted
- Letter confirming that data processing has ceased
- Letter explaining reasons for extension of time to respond to data subject requests
- Letter explaining why data processing will continue
- Letter explaining why data will not be corrected
- Letter explaining why data will not be deleted
- Letter supplying data in response to a portability request
- Letter supplying data to a third party in response to a portability request
- Letter to party who has been supplied data to confirm its deletion
- Letter to party who has been supplied with data to confirm its correction
- Letter to third party seeking consent to disclosure of information
- Request form to correct inaccurate or incomplete data
- Request form to delete data
- Request form to stop using data
- Subject access request form
- Subject access request response template
Related Toolkits
Data breach toolkit
This data breach toolkit guides you through the steps you need to take when you become aware of a personal data breach (such as a staff member sending customer information to the wrong person, or a device containing customer information being lost or stolen). It includes a how-to guide, as well as a pack of the relevant documents you are likely to need. In this data breach toolkit you will find: a personal data breach policy; a template notice for notifying affected individuals; and a template personal data breach register for keeping records of breaches. This data breach toolkit helps you to identify, assess and contain a personal data breach, inform the relevant people, and keep written records of the breach. By using this toolkit, you reduce your risk of being penalised by the ICO. Keeping on top of your data protection processes also helps to maintain your reputation and build customer relationships.
This data breach toolkit guides you through the steps you need to take when you become aware of a personal data breach (such as a staff member sending customer information to the wrong person, or a device containing customer information being lost or stolen). It includes a how-to guide, as well as a pack of the relevant documents you are likely to need. In this data breach toolkit you will find: a personal data breach policy; a template notice for notifying affected individuals; and a template personal data breach register for keeping records of breaches. This data breach toolkit helps you to identify, assess and contain a personal data breach, inform the relevant people, and keep written records of the breach. By using this toolkit, you reduce your risk of being penalised by the ICO. Keeping on top of your data protection processes also helps to maintain your reputation and build customer relationships.
- Personal data breach policy
- Template personal data breach register
- Notice of a personal data breach (affected individuals)
- How-to guide: Data breach toolkit
Data protection policy toolkit
This data protection policy toolkit provides 8 data protection policy templates you are likely to need to comply with your data protection obligations. It also contains a how-to guide, which tells you how to use each policy. Data protection policies included in this pack can be customised for your business and include: Privacy policy Cookie policy Data protection policy Staff privacy notice Data subject request policy Data protection impact assessment policy Personal data breach policy Using this data protection policy toolkit helps you to ensure that your staff are aware of how to deal with customers' personal data, you protect your staff members' and customers' personal information, and your business deals with any personal data breaches or subject access requests efficiently. Complying with your data protection obligations not only means you will avoid being fined by the ICO, but you will also maintain your business's reputation and reduce the risk of staff or customers taking legal action against you.
This data protection policy toolkit provides 8 data protection policy templates you are likely to need to comply with your data protection obligations. It also contains a how-to guide, which tells you how to use each policy. Data protection policies included in this pack can be customised for your business and include: Privacy policy Cookie policy Data protection policy Staff privacy notice Data subject request policy Data protection impact assessment policy Personal data breach policy Using this data protection policy toolkit helps you to ensure that your staff are aware of how to deal with customers' personal data, you protect your staff members' and customers' personal information, and your business deals with any personal data breaches or subject access requests efficiently. Complying with your data protection obligations not only means you will avoid being fined by the ICO, but you will also maintain your business's reputation and reduce the risk of staff or customers taking legal action against you.
- How-to guide: Data protection policy toolkit
- Privacy policy
- Cookie policy
- Data protection policy
- Staff privacy notice
- Staff recruitment privacy notice
- Data subject request policy
- Data protection impact assessment policy
- Personal data breach policy
Small claims toolkit
This small claims toolkit guides you through the right process to follow if you want to make a straightforward small claim against someone, and contains a pack of all of the template documents you are likely to need. Use the small claims process to get back money you are owed for amounts less than £10,000 (for example, if a supplier has not sent you the right goods or you have not received payment from a customer). Documents provided in this small claims toolkit include: letter before action (also known as a letter of claim), which must be sent to someone before you sue them to set out what you are claiming; witness statement, which provides a template for any witness statements you are providing to ensure they are legally compliant; and letter of non-attendance for small claims hearing (if you want the court to judge your case on paper evidence rather than you attending a hearing). By using this small claims toolkit you can avoid the need to use a lawyer and maximise your chances of getting back money you are owed. It helps you avoid common mistakes that can reduce your chance of a successful claim.
This small claims toolkit guides you through the right process to follow if you want to make a straightforward small claim against someone, and contains a pack of all of the template documents you are likely to need. Use the small claims process to get back money you are owed for amounts less than £10,000 (for example, if a supplier has not sent you the right goods or you have not received payment from a customer). Documents provided in this small claims toolkit include: letter before action (also known as a letter of claim), which must be sent to someone before you sue them to set out what you are claiming; witness statement, which provides a template for any witness statements you are providing to ensure they are legally compliant; and letter of non-attendance for small claims hearing (if you want the court to judge your case on paper evidence rather than you attending a hearing). By using this small claims toolkit you can avoid the need to use a lawyer and maximise your chances of getting back money you are owed. It helps you avoid common mistakes that can reduce your chance of a successful claim.
- How-to guide: Small claims toolkit
- Letter before action
- Witness statement
- Letter of non-attendance for small claims hearing
Redundancy toolkit
This redundancy toolkit guides you through the key steps you need to take to make an employee redundant, and provides a pack of the relevant template documents you are likely to need. You will find guidance and a pack of 9 supporting documents, including letters, notices and agendas, for each step of the redundancy process: Initial steps (considering alternatives and reasons for redundancies); Creating a redundancy pool, applying selection criteria and notifying employees; Carrying out a consultation process; and Making a final decision, calculating payments and terminating employment. It also includes a template letter to offer alternative employment to employees who are at risk of being made redundant. By using this redundancy toolkit, you will ensure that your redundancy process is fair and legally compliant, which reduces the chance of any employees suing you. The guidance in this redundancy toolkit also helps you to ensure you do not make redundancies in a discriminatory way. Use this redundancy toolkit to ensure you are legally compliant without the need for a lawyer.
This redundancy toolkit guides you through the key steps you need to take to make an employee redundant, and provides a pack of the relevant template documents you are likely to need. You will find guidance and a pack of 9 supporting documents, including letters, notices and agendas, for each step of the redundancy process: Initial steps (considering alternatives and reasons for redundancies); Creating a redundancy pool, applying selection criteria and notifying employees; Carrying out a consultation process; and Making a final decision, calculating payments and terminating employment. It also includes a template letter to offer alternative employment to employees who are at risk of being made redundant. By using this redundancy toolkit, you will ensure that your redundancy process is fair and legally compliant, which reduces the chance of any employees suing you. The guidance in this redundancy toolkit also helps you to ensure you do not make redundancies in a discriminatory way. Use this redundancy toolkit to ensure you are legally compliant without the need for a lawyer.
- How-to guide: Redundancy toolkit
- Redundancy - Letter warning of proposed redundancies
- Redundancy - Selection criteria form
- Redundancy - Provisional selection for redundancy letter
- Redundancy - First individual consultation meeting agenda
- Redundancy - Outcome of individual consultation meeting
- Redundancy - Invitation to final individual consultation meeting
- Redundancy - Final individual consultation meeting agenda
- Redundancy - Notice of termination of employment
- Redundancy - Offer of alternative employment