GDPR compliance readiness

Identify Group Ltd engaged INCIGHT ltd in November 2017 to develop a programme of works and project manage these activities to prepare the Group for GDPR legislation, due to come into effect from 25th May 2018.


We worked closely with the CFO, group data coordinator, onboarding manager to develop the project plan and engaged with sales directors to manage new ways of working.

Project Outcomes

  • Privacy policies and notices written and in place on email and website

  • Processes established, owned and proven for:

    • Data Breach / Incident management​

    • DSAR (Data Subject Access Requests)

    • DPIA (Data Processing Impact Assessments)

    • Management of CRM database - retention and deletion

  • Legitimate interest assessments completed

  • Data flow mapped

  • Information Asset inventory created

  • Intra-company group data sharing agreement in place

  • Updated Information and Cyber security policy and procedures in place

  • Training delivered to sales and operations staff

Overall the project was successfully implemented

people sitting down near table with asso