The ICO exists to empower you through information.

20 June 2024

Overall rating

Your overall rating was green.

  • 8: Yes
  • 0: No
  • 1: In part

AMBER: partially in place

Do you and your staff (if you have any) know your data protection responsibilities?


Suggested actions:

You should:

  • train all your staff handling personal data on their data protection responsibilities
  • use awareness to keep reminding your staff about keeping data safe and secure (ICO resources are available), and
  • make sure your staff know what to do if you have a breach or if something goes wrong.

Further reading

If you would like more detailed information on this part of the Checklist, please visit the links below:

Guide to the UK GDPR – Data protection officers

Guide to the UK GDPR – Accountability

Personal data breach guidance

Guide to the UK GDPR – Security

GREEN: in place


Do you have a record of what personal data you hold? Do you know what you use it for?

Do people know you have their personal data and understand how you use it?

Do you only collect the personal data you need?

Do you only keep personal data for as long as it is needed?

Do you keep personal data accurate and up to date?

Do you keep personal data secure?

Do you have a way for people to exercise their rights regarding the personal data you hold about them?

Do you know if you are obliged to pay a data protection fee?


Thank you for using the small business owners and sole traders checklist. Let us know what you think by completing our short survey.

If you have an problem downloading the report into a word document please let us know.