GDPR Data Collection Table

GDPR is about personal data, so use this form to record what kinds of personal data you are storing.

This will guide you to as to what steps you need to take next. For example, if you need consent then you may need to update your email collection process.

 

Category of Person

What data do we collect?

Where is it kept?

Reasons for collecting data

Is consent needed?

How long to keep data

 

Customers

 

 

e.g. name/email/address/phone/

bank details

 

e.g.

–           Office computers

–          Website

e.g.

–          To process sales

–          Future Marketing

 

–          No

–          Yes

 

e.g. 6 years (tax reasons)

 

Employees

 

 

 

 

 

 

 

 

Suppliers

 

 

 

 

 

 

 

 

Newsletter subscribers

 

 

 

 

 

 

 

Members

(for a club or charity)  

 

 

 

 

 

 

 

Donors

(for a charity)

 

 

 

 

Gift aid   

 

No   

 

 

6 years (tax reasons)