Example Grids

GDPR Toolbox: Process, Methodology & Procedures

A simple way to audit and capture your firm’s GDPR process, procedures and methodology.

Book a demo
GDPR Process - Legal Documentation and Consent

GDPR Process - Procedures - Methodology - Examples

Using Method Grid we’ve created a simple to follow example GDPR process and procedure grid. This grid lays out a complete end-to-end GDPR methodology for auditing your organization and documenting your GDPR process.

Who might this be useful for?

The General Data Protection Regulation (GDPR) concerning data protection and privacy is relevant to all organizations working within/to the European Union and the European Economic Area.

How is it best used?

This grid can serve as a reference home for an organisation’s set of documented GDPR processes and records – as used to provide staff with an easy-to-access reference site (to facilitate consistent GDPR-compliant practices) and so that any audit sees a structured, end-to-end system in place.

With this grid (tailored to your specifics – and regularly updated), if you get a GDPR question from a customer – or a request from your lead data protection supervisory authority – you, and your team, can deal with it in minutes.

What does it consist of?

This grid lays out a complete end-to-end GDPR methodology for:

  • Auditing your business for GDPR compliance – questions to ask and information to capture
  • Capturing and storing the personal data you process
  • Documenting the purpose of this data and your legal basis for processing it
  • Auditing and documenting where you hold this data – internal and external data processors
  • Noting who controls this data – internal and external data controllers

GDPR Process Date Processed Procedures and Data


  • Creating a central library for all your GDPR legal documentation and compliance
  • Keeping a record of how and when you get consent for your personal data processing

GDPR Process - Legal Documentation and Consent


  • Providing a central repository for all your GDPR related processes and procedures – data protection officers, data breach process, subject access requests etc.
  • Noting your international obligations for the processing of EU personal data – who processes your data, where it’s kept and your relevant data processing agreements

GDPR Process - Procedures and International Obligations


Not only does this GDPR process grid give you all that, but using the power of Method Grid everything is interlinked to create a simple flow of information for you and your staff – allowing you to:

  • Link personal data types to the relevant data processors
  • Easily lookup a data processors’ current legal status with you and your business
  • Quickly and easily handle data access requests

GDPR Process - Data Processors and Access Requests


  • Link your staff members and internal experts to any element of your GDPR process quickly and easily

GDPR Process - Expert Linking


Have your complete process documented, easily accessible to your staff and constantly evolving with your business. Get a GDPR question from a customer or a request from your lead data protection supervisory authority and you and your team can deal with it in minutes.

Method Grid is the perfect solution for small teams!

Method Grid has been a real game changer for us at Footdown. For years we struggled to find a common way of keeping everyone on the same page, following a process and ensuring all information was in the right place and easy to update. Method Grid has taken all that pain away and better still within as little as a couple of hours we had our first grids built, our data in it and people actively using it. Its simplicity makes it a must have for any business these days, I couldn’t recommend it highly enough.

Matt Jenkins
Head of Consulting, Footdown

We have found Method Grid to be an excellent tool for documenting both client facing propositions and internal processes and procedures.

Mike Hampson
MD, Bishopsgate Financial

GRIDtalk: Creating a Renewable Energy Project Delivery Playbook for SSE Renewables Register