Is an individual's email address classed as personal data?
The GDPR sets out rules on how personal data should be used, this may include:
If an individual makes a request regarding their personal data, how long do you have to respond?
Can the Data Protection Officer for your organisation be a current member of staff?
If a personal data breach occurs within your organisation, how long do you have to report this?