GDPR Data Collection Table
GDPR is about personal data, so use this form to record what kinds of personal data you are storing.
This will guide you to as to what steps you need to take next. For example, if you need consent then you may need to update your email collection process.
|
Category of Person |
What data do we collect? |
Where is it kept? |
Reasons for collecting data |
Is consent needed? |
How long to keep data |
|
Customers
|
e.g. name/email/address/phone/ bank details
|
e.g. – Office computers – Website |
e.g. – To process sales – Future Marketing |
– No – Yes |
e.g. 6 years (tax reasons) |
|
Employees
|
|
|
|
|
|
|
Suppliers
|
|
|
|
|
|
|
Newsletter subscribers
|
|
|
|
|
|
|
Members (for a club or charity)
|
|
|
|
|
|
|
Donors (for a charity)
|
|
|
Gift aid |
No
|
6 years (tax reasons) |