Q1: Do you know if the third parties you deal with are compliant with data protection laws?

Q2: Do you have any data processing agreements in place with third parties?

Q3: Have you assessed your risk exposure in terms of Privacy, Security and Confidentiality on how you handle and process Personal Data?

Q4: Is access to Personal Data by your Staff limited to their position and responsibilities?

Q5: Have you trained your staff that handle Personal Data? Are they maintaining a recorded log of their knowledge and do they have the ability to execute?

Q6: Is the data your company holds the bare minimum required so you can carry out your business activities?