The ICO outlines what personal data actually is and how it relates to the General Data Protection Regulation (GDPR).
This section on the ICO website outlines what the 'Right to be informed' actually means for organisations and has a checklist of the information you need to provide to the public.
The ICO have a self assessment checklist that you can use to see how well you comply with data protection law. You just answer the questions and at the end the ICO provide useful resources and links to help you improve.
All businesses also have to pay a data protection fee to the ICO, unless you are exempt. Once you have done this your details will be published on the register of controllers and you will receive a certificate.