The aim of this ques­ti­on­n­aire is to help small and medi­um-sized enter­pri­ses ans­wer the ques­ti­on of whe­ther a data appli­ca­ti­on falls under the GDPR and whe­ther spe­cial pre­cau­ti­ons need to be taken in accordance with the GDPR. The self-assess­ment is pri­ma­ri­ly aimed at pri­va­te, Aus­tri­an com­pa­nies that ope­ra­te an appli­ca­ti­on them­sel­ves. In addi­ti­on, the self-assess­ment pro­vi­des an over­view of the fur­ther steps in the form of a struc­tu­red pro­ce­du­re should the GDPR app­ly to the data application.

Plea­se note: Both auto­ma­ted (by IT sys­tems) and non-auto­ma­ted appli­ca­ti­ons (e.g. index cards) fall under the GDPR requirements.

Legal Noti­ce: The infor­ma­ti­on pro­vi­ded in the docu­ment is inten­ded to pro­vi­de a gene­ral out­line of mea­su­res to be taken in the con­text of the Gene­ral Data Pro­tec­tion Regu­la­ti­on, does not con­sti­tu­te legal advice and can­not replace legal advice.

The GDPR Self-Assess­ment is offe­red by SEC4YOU free of charge.

Fur­ther infor­ma­ti­on on the Gene­ral Data Pro­tec­tion Regulation:

Data Pro­tec­tion Blog

Bit­Lo­cker end­point encryp­ti­on as defi­ned by the GDPR

GDPR: Semi­nar Basic Data Pro­tec­tion Regulation