Does your website meet the main GDPR requirements?

GDPR is a complex topic and it can be challenging to understand how this regulation affects different areas of your organization. With this quiz we want to help you understand what GDPR means for your website and how you're currently doing in meeting the main requirements.

At Siteimprove we value the privacy of our visitors and customers. Therefore, we will not track or store your answers to this quiz.

Starting quiz...
Where is your business located?
Where are all your IP addresses and domains registered?
Could some of your website visitors be located in the EU?
Do you provide any service through your website that collects personal data?

GDPR applies when there's a transaction or service taking place in the EU and personal data is being collected for that purpose.

Could you map every domain your company owns and the countries where these are located?

Over the years, organizations tend to register different domains and can lose sight of which ones they own. GDPR requires you to have control over all personal data floating around your domains—even the ones you may have forgotten about.

Are you or any of your colleagues in charge of making sure the website is ready for GDPR?
Do you have a system in place to help identify the personal data living on your website?

Personal data includes names, email addresses, phone numbers, identification numbers, etc.

Do they have a system in place to help identify the personal data living on your website?

Personal data includes names, email addresses, phone numbers, identification numbers, etc.

If a former employee requests you delete all instances of his/her name on your website, would your organization be able to do it?
Could you find and erase this data without undue delay?

The "right to be forgotten" is article 17 of GDPR. It states, "The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay.".

Do you have an overview of every place on your website where you have submission forms?

It is important to keep track of forms, because this is where personal data is often requested. As a website owner, you are responsible for protecting all data collected via HTML forms.

Do you have an overview of all the cookies set on your website? Including third-party cookies?

Under GDPR, if a cookie is capable of identifying an individual, then it’s considered personal data.

Does your company use third-party processors to monitor your visitors' behavior?

A third-party data processor is an entity that processes personally identifiable information on your behalf. (i.e. Google Analytics)

Do you know how these third-party processors use or store your visitors' personal data?

According to GDPR, it's your responsibility to make sure third-party processors are processing your data in accordance with GDPR and local privacy laws. For example, do you know if they have the necessary tools in place to retrieve, anonymize, or delete user data at any point?

Please answer the question

Calculating score...

Your Score

Looks like there's some work to do...

Understanding what needs to be done to ensure your website meets GDPR requirements can be challenging. We're aware of this and want to help you on your way to compliance. Sign up for our most popular content and receive tips and insights on how to strengthen your website's privacy.

Not bad!

It looks like you and your organization are already making strides toward a GDPR-compliant website, but there's still some work to do.

Looking for help the rest of the way? Sign up for our most popular content and receive tips and insights on how to strengthen your website's privacy.

Nice work!

It looks like you and your organization are well on your way to a GDPR-compliant website.

Interested in knowing more about how automation can ease this process for you? Sign up for our most popular content and receive tips and insights on how to strengthen your website's privacy.

Siteimprove automates the tedious process of finding and monitoring personal data and cookies on your website. You can also actively protect your visitors’ data with our GDPR-compliant Analytics tool.

No need to worry just yet

If you're positive your website doesn't receive traffic from the EU, and you don't offer any service to customers located in the EU, then chances are GDPR doesn't apply to your website.

That said, transparent data privacy is crucial to building trust with your visitors. The good news is that you can meet their mounting expectations and comply with data privacy laws—and you don't have to do it alone. Learn how automation can help you strengthen your website's privacy with our free web guide.

Download Web Guide

Siteimprove automates the tedious process of finding and monitoring personal data and cookies on your website. You can also actively protect your visitors’ data with our GDPR-compliant Analytics tool.