Self-assess your organisation against the EU General Data Protection Regulation (Regulation (EU) 2016/679). Score 11 article-mapped sections — lawful basis & consent, Records of Processing, privacy notices, data-subject rights / DSAR, DPIA, 72-hour breach notification, DPO, processor agreements, international transfers, security of processing and privacy by design — get per-section and overall readiness percentages, and export a prioritized gap register. Word + CSV.
Score each item: In place = implemented and operating (100%), Partial = started or informal (50%), Missing = absent (0%), N/A = not applicable with justification (omitted from the score). Readiness % is the mean of scored items.
⚠️ This tool is a self-assessment aid based on the EU General Data Protection Regulation (Regulation (EU) 2016/679). The checklist items are representative summaries of the cited articles — not the full legal text — and this is not legal advice and not a certification. Article applicability depends on your role (controller / processor), the data you process and your supervisory authority. Read the Regulation, and consult a qualified data-protection lawyer or DPO before relying on the results. Nothing you enter leaves your browser.