How GDPR and privacy friendly are you?
Test yourself now!
Which of the following best describes the industry of your company?
Tech & Internet
Ad & Marketing
Education
Other
What is your role in the organization you work for?
Founder or CEO
Developer
Marketing
UI / UX Designer
Data Protection Officer
Human Resources
Other
What type of data do you mainly work with in your organization?
Personal and / or Sensitive Data
Pseudonymous Data
Anonymous Data
None, or I don't know.
How does your organization make sure that it is GDPR compliant?
We use free resources from the internet to educate ourselves.
We hired an external consultant to do this for us.
I don’t know.
We don’t do anything in particular.
Does your organization delete personal data it no longer needs to process?
No
In part.
Yes
I don't know.
Did your organization conduct a data mapping and / or a risk assessment analysis on the personal data it holds and processes?
Data Mapping
Risk Assessment Analysis
Both Data Mapping & Risk Assessment Analysis
No, or I don't know.
What roles does your organization take in relation to personal data?
Controller
Processor
Both Controller & Processor
I don't know.
Do you have an employee or a Data Protection Officer within your organization who is in charge of GDPR implementation?
Data Protection Officer
Employee (who is not a Data Protection Officer)
Both a Data Protection Officer & an Employee
No, or I don't know.
If your organization's security system is compromised, how quickly will you be able to notify authorities about the breach?
In one month.
In one week.
In 72 hours.
In 24 hours.
Did your organization update agreements with third-party vendors and services to make sure privacy of the users is protected?
No
In part.
Yes
I don't know.
Is your Privacy Policy expressed in clear, unambiguous and easy to understand language?
I don't know.
In part.
No
Yes
If a person asks you to provide all data that your organization holds on him or her, how quickly will it be possible to do it?
It's not possible.
In one month.
Within one week.
In 72 hours.
What is your organization's culture regarding data?
Formal (We have a guideline we all try to follow).
Effective (We are constantly being reminded and are well informed about regulation).
Vital (It's a core aspect of our products and services. Any mistake regarding regulations can be fatal).
Vague (We need to know what is allowed and what is not, and pay more attention to what we use as data in order to increase our productivity).
What would be the best approach for your organization on data and its regulations?
Everyone should have a good general overview in my team.
It's good to have an external expert that is always reachable to ask.
A guide or infographic that focuses on our organization's case would do the job.
We need to set up a whole team / department for it.
Which of the following services would your organization find useful in making itself more privacy-oriented and / or GDPR compliant?
In-person Consulting
GDPR Compliance Design Thinking Workshop
GDPR Compliance Plan / Check List
Employee Training
Expert with a Royal Shield
You have an Expert Level of GDPR understanding and a potentially strong compliance level. This is equivalent to having a Royal Shield for protection!
Scale:
- Expert Level = Royal Shield
- Intermediate Level = Legionnaire Shield
- Novice Level = Iron Shield
- Very Little / No Understanding or Compliance = Wooden Shield
Intermediate with a Legionnaire Shield
You have an Intermediate Level of GDPR understanding and potential compliance level. This is equivalent to having a Legionnaire Shield for protection.
It's time to hire a consultant to ensure a higher level of data protection compliance and understanding!
Novice with an Iron Shield
You have a Novice Level of GDPR understanding and potential compliance level. This is equivalent to having an Iron Shield for protection.
It's time to hire a consultant to ensure a much higher level of data protection compliance and understanding!
No Understanding with a Wooden Shield
You have very little or no understanding of GDPR and a potentially low or no compliance level. This is equivalent to having a Wooden Shield or nothing for protection.
It's time to hire a consultant to ensure the utmost level of data protection compliance and understanding!