How many people are employed by your organization?
Are any of the individuals whose personal data you process on behalf of a data controller based in the EU?
As a data controller / processor, how many data subjects' data do you process?
Do you have a record of the type of personal data your company holds?
What types of personal data are processed ?
Is any special category data held or processed ?
Do you inform data subjects of how you use their personal data?
Do you only collect the data you need?
Do you keep personal data accurate and up to date?
Do you keep personal data secure?
Do you have policies and procedures for detecting and handling breaches?
Do you have procedures for people to exercise their rights regarding the personal data you process ?
Does your staff know about your data protection duties and responsibilities?
Does your company use any contractors or suppliers?
Is any customer data transferred to / accessible by these contractors or suppliers?
Who has access to personal information within and outside your organisation?
Are written agreements on data processing in place between your organisation and the data controller?
Does your company transfer any customer data overseas?
Are written agreements in place covering overseas data transfers?
Do you currently conduct data privacy impact assessments?
Does your company perform data inventory and / or mapping?
Given your responses, you are highly likely to need a GDPR Representative. To appoint Sybil as your EU Representative, please contact us by phone or email.
Given your responses, you may be in need of a GDPR Representative. To further evaluate your GDPR representation needs, feel free to contact us.
Given your results, you do not need a GDPR Representative at this time.
*We do not collect any data from this assessment. The results are not stored and only visible by you