UK GDPR
UK GDPR control-mapping starter for organisations processing UK personal data under the UK GDPR and Data Protection Act 2018. It references transparency, lawful processing, data-subject rights, DPIAs, breach reporting, and relevant ICO guidance; non-gateway obligations require separate processes.
This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.
UK
4 references
6 mapped domains
Regulated SaaS, Sovereign Region
Referenced Frameworks, Standards & Obligations
Mapped Control Domains
Deployment profiles
Get started in 3 steps
Open the template
Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.
Adapt the configuration
Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.
Validate before rollout
Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.
More Compliance & Audit templates
SOC 2 Type I
SOC 2 Type I template for point-in-time design effectiveness against the AICPA Trust Services Criteria.
SOC 2 Type II
SOC 2 Type II template for operating effectiveness across the AICPA Trust Services Criteria.
ISO/IEC 27001
ISO/IEC 27001 template for ISMS, supplier assurance, continuity, and cloud privacy controls.