Free DUAA Compliance checker
Answer eight quick questions. You will see whether your business looks ready, needs a DUAA Compliance update, or has a high-priority data protection complaints process gap.
Do you handle personal data about clients, patients, customers, or staff?
Most small service businesses do.
Do you have a privacy policy on your website?
This can be a standalone page or a privacy notice.
Does your privacy policy explain how someone can raise a data protection complaint?
A generic contact form may not be clear enough.
Do you have a clear email address or form for data protection complaints?
People need to know where to send the complaint.
Can you acknowledge a data protection complaint within 30 days?
The ICO guidance refers to acknowledgement within 30 days.
Do you have an internal process for investigating and responding?
This can be simple, but it should be written down.
Do you keep a simple log of complaints and outcomes?
A spreadsheet is enough for many small businesses.
Do you handle health, therapy, counselling, wellbeing, financial, HR, or other sensitive client information?
This increases the importance of a tidy process.
