1. Do you collect personal information as part of your business model? *
2. What type of personal information does your business handle - choose most critical? *
3. Do you collect or process personal information on behalf of another company? *
4. Do you have an online presence (website, social media) and interact with customers through it? *
5. Do you run digital marketing programs (i.e. email marketing, micro-sites, install software)? *
6. Do you share personal information with other organizations for any purpose? *
7. Do you share personal information between departments in your organization? *
8. Do you collect personal information, offer products or services, or monitor online behaviour of European residents? *
9. What size is your business? *
10. What is the nature of your business? *
11. Where does your business operate? *
12. What is the average number of personal information records handled? *
13. What is your personal information storage strategy? *
14. Do you have a record retention and management strategy? *
15. Do you use electronic files and use access-managed (user ID and pwd) systems to access data? *
16. Are you aware of the privacy measures required in your organization? *
17. Have you experienced a data breach before? *
18. Do you have an incident response procedure? *
19. Do you have a Privacy Officer? *
20. Do you have a head of IT (CIO, CTO, CISO)? *
21. Do you provide regular privacy or data protection training to your employees? *