GUIDES & RESOURCES
Privacy & Data Mapping Starter
A first-pass inventory for understanding personal data, purposes, systems, vendors, retention, security, and rights handling.
HOW TO USE THIS GUIDE
Turn the scan into an action plan.
- Mark each item as complete, incomplete, or unknown.
- Assign one owner and a realistic date to every unresolved issue.
- Prioritize items by impact, timing, and reversibility.
To print or save as PDF, use your browser’s print command (⌘/Ctrl + P).
01
Data and purpose
- List personal-data categories handled across customers, users, staff, and partners.
- Record the source, business purpose, and responsible team for each data activity.
- Identify sensitive, children’s, financial, biometric, or otherwise higher-risk data.
02
Systems and sharing
- Map where data enters, is stored, is accessed, and is deleted.
- List processors, cloud services, analytics, payment, marketing, and support vendors.
- Record international access or transfers and the safeguards currently relied on.
03
Controls and transparency
- Compare actual processing with privacy notices, consent text, and contracts.
- Document retention, access control, incident response, and rights-request procedures.
- Create owners and review dates for gaps, high-risk uses, and new products.
START THE CONVERSATION
Legal clarity for the next decision.
Every engagement begins with a focused assessment. Scope and fees are confirmed after the matter is understood.
This is a general orientation checklist, not a substitute for legal review of the facts, documents, and applicable jurisdiction.