GDPR non-compliance

716 small business leaders in Europe were surveyed about their GDPR non-compliance.

Their answers suggest widespread ignorance about data security tools and loose adherence to the law’s key privacy provisions.

GDPR Compliance Survey

Here are some of the key takeaways and the most surprising results:

  • Around half of small businesses are failing GDPR compliance on two crucial requirements.
    The GDPR requires companies to describe data processing activities in clear, plain language to data subjects. Moreover, it also requires businesses to identify a lawful basis for using someone’s data.
    Additionally, around half of respondents were not completely sure they complied with either of these two provisions.
  • Furthermore, many business leaders are confused about basic data security concepts, like encryption. When we asked whether they used end-to-end encrypted email, about two-thirds said yes.
    But when we asked these people to identify the service, only about 9% named one. “VPN,” “Mailchimp,” and “Dropbox” were among the responses.
    Seven Irish respondents said their end-to-end cloud storage provider was “Reddit.”
  • Small businesses have invested heavily in GDPR compliance. We were surprised to learn that over half of small businesses report spending between €1,000 and €50,000 on GDPR compliance, including consultants and technology.
    Yet despite these costs, most said they did not believe the GDPR would slow the growth of their business.
  • While some respondents said they did not believe regulators would bother imposing penalties against small businesses, many more cited fear of fines as their main reason for complying with the GDPR.
    Here’s one explanation that was typical of several responses: “We are the easy hits. Big companies can afford lawyers to fight in their corner. We can’t so are seen as easy targets.”

Read the full report here. Note that this link takes you away from our website to the official GDPR website by the European Union.


Compliance software for the SME – GDPRWise App

In addition, we have simplified compliance with GDPR requirements for you.

Get access to our Privacy Policy Generator and GDPR Register using our GDPR compliance software. Our software solution holds listings of processing activities in many industries. In a single click, the GDPRWise App can generate your Privacy Policy and GDPR register, based on the sector-specific content we have set up in your online GDPRWise dossier. All you need to do is validate and refine where specified.

We also encourage you to perform a quick and free GDPR compliance check of your privacy policy: simply paste in the link to your privacy policy web page here in our GDPR privacy policy checker.