Infographic: Does the GDPR Impact Your Organization?

20 Aug 2018

The European Union’s General Data Protection Regulation (GDPR) applies to any organization that handles personal data collected in the EU. Find out whether your business is affected with this simple assessment.

Accessibility note: The infographic is translated below the graphic.

Does the GDPR impact your organization infographic as described by the text below

Safeguard your business.

Symantec Information Centric Security solutions, available from Insight, can help ensure your organization is GDPR ready.

Learn more

Infographic text included for screen readers:

Does the GDPR impact your organization?

Answer 5 questions to find out fast.

The GDPR is global in scope and applies to any organization that processes EU personal data. Understanding the impact this regulation has on your organization is critical in order to avoid the hefty fines associated for non-compliance.

  1. Does your organization process personal data?
    • Do you collect names, phone numbers, email addresses, either directly or from third party sources such as marketing databases, directories, etc.?
    • Do you collect data in your IT logs like individual devices’ IP addresses, MAC addresses, EMEI numbers or similarly unique identifiers?
    • Do you track the geolocation of your European employees?
    • Do you place cookies on the machines of visitors to your website to track them or save their preferences? Do you then tailor their web experience or serve them targeted online advertising?
  2. Is your organization established in the European Union?
    • Do you have a subsidiary (legal entity) in one or member countries of the European Union?
    • Is your organization headquartered in the European Union?
  3. Is your organization established in another location where European Member States law applies?
    • Does your organization operate an EU Member States diplomatic mission (embassy or consular post) in a non-EU country?
    • Does your organization conduct business such as a convenience store, a reception desk, or a security service within the premises of such a diplomatic mission?
  4. Does your organization target individuals located in the European Union with commercial offerings?
    • Are you selling and shipping goods/providing services to individuals located in European countries?
    • Are your tailoring your marketing/advertising communications to European audiences?
    • Are you translating your messaging to European local languages, redirecting users to localized domains of your website, or offering Europe-specific merchandise?
  5. Does your organization monitor the behavior of individuals located in the European Union?
    • Are you conducting web analytics, behavioral monitoring or other forms of tracking of individuals in Europe for business purposes?
    • In particular are you using third party advertisers (e.g. brokers and/or marketers) to benefit from the fracking they may be doing?

If you answered yes to one or more questions, you are likely subject to the GDPR for personal data processing operations, whether they are performed in the European Union or relate to individuals located there. If your organization does not have an establishment in the European Union, you should appoint a representative there.

Take steps towards GDPR compliance

Symantec helps organizations get enhanced visibility and protection of data to support GDPR compliance.

Access more GDPR information and resources at

The materials contained in this presentation are not intended to provide, and do not constitute or comprise, legal advice on any particular matter and are provided for general information purposes only. You should not act or refrain from acting on the basis of any material contained in this presentation, without seeking appropriate legal or other professional advice.

Copyright © 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, and the Checkmark logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.