<img alt="" src="https://secure.norm0care.com/164647.png" style="display:none;">

News

GDPR readiness in Europe, just before May 25th: 66.3% of European companies still uncompliant

The moment we’ve all been waiting for has finally arrived: the 25th of May 2018, D-day for the General Data Protection Regulation to come into full force in Europe. During the last eight months iWelcome has monitored European organisations on their state of GDPR readiness and published its findings every two months.

After the first measurement in November our conclusion was that 89% of organisations was not ready for GDPR. During the months to follow we saw minor changes in the measurement rounds. There was some improvement, but only in small nuances. No significant changes were made, hardly any new privacy policies were introduced, and it was most certainly not enough to become compliant.

Just a few weeks before GDPR D-day, we did a fourth measurement. Even with the date approaching, we still noticed a lot of non-compliant issues in our research and overall only small improvements compared to the third round.

Some of the major findings are:

  • Only 33.7% is on track, while 66.3% of all organisations are uncompliant in most areas (compared to 73% in the March 2018 measurement).
  • Out of 7 countries, Germany is the winner (6.52 out of 10) followed by Sweden (6.43), that made the best progress in the last months.
  • Retail/E-tail and Consumer Products is still the winning vertical (four times in a row, and this time with 6.97 out of 10) followed by Media & Publishing (6.46).

Judging by the amount of GDPR emails that we received in the last weeks of May, it was a tight race for many companies to be ready in time. This makes us curious for the next measurement in June. We are currently researching the state just after the coming into force, so stay tuned for the 5th report.

You can read the research reports here: 

1. GDPR in Europe - edition 1
2. GDPR in Europe - edition 2
3. GDPR in Europe - edition 3
4. GDPR in Europe - edition 4
5. GDPR in Europe - edition 5
6. State of GDPR in the US

About the research

iWelcome’s research is being performed during the period from October 2017 towards May 25th, among 89 European organisations over 7 countries (the Netherlands, the United Kingdom, Germany, France, Switzerland, Spain and Sweden) and 6 verticals (Insurance, Utilities, Media & Publishing, Travel & Services, Retail/E-tail & Consumer Products and Non-Profit). It's conducted from a consumer’s perspective, by registering online. Whenever the registration process doesn’t provide clear findings, the organisation’s privacy policies are being checked.

Due to the nature of the research, only the variables that are relevant for customer interaction have been tested. Underlying arrangements within organisations (for example designating a Data Protection Officer) have not been measured. The ongoing research will monitor the state of compliance of European organisations every two months.

Screenshot 2019-09-12 at 10.24.49