GDPR Risk Calculator

Does your business needs to comply with GDPR? Use this tool to evaluate your current position, and whether you should work towards compliance.

Not all organisations need to comply with GDPR. But almost all do.

To find out whether your business is required to meet the new regulations for GDPR, use the questionnaire below, which will give you a risk score and a Yes/No answer.


Do you have customers, clients, employees or contacts within the EU?

GDPR applies to any organisation, no matter their size, that is involved in processing personally-identifiable data about anyone in the EU (including the UK post-Brexit).

Does your business employ 250 or more staff?

All businesses with more than 250 staff are required to comply with GDPR laws.

Does your business employ less than 250 staff?

Some small businesses may be exempt from GDPR, although it may depend on the answers to the questions below.

Do you collect or store any personal data

If you're collecting/storing any personally identifiable data (even names/emails/phone numbers,photos etc) about your customers, employees, suppliers or contacts, then it's probable that you'll need to comply.

Do you collect or store any sensitive data

GDPR is even more important if you are storing data about race, ethnicity, religion, politics, genetics, health, sexual orientation or criminal records.

Do you collect personal data regularly?

If you're collecting personal data in the course of your business operations (e.g on your website), then it is highly likely this is classed as 'regularly'.

Do you process any personal data for someone else?

Any organisation that processes any personal data about an individual that resides within the EU (or UK post-Brexit) is liable for GDPR.

Do you operate CCTV on your premises

If you operate CCTV then you need to comply with GDPR laws.

Do I need to comply?