
AEPD publishes GDPR Risk Assessment


GDPR Risk Assessment


  • Purposes
  • Types of data
  • Scope
  • Data subjects
  • Techniques
  • Collection
  • Effects
  • Controller
  • Communications
  • Other
  • Security
  • Results

Operations related to the purposes of processing

Risk factors arising from the stated purpose of the processing and other purposes linked to the main purpose.

Profiling

Creating profiles

Use of profiles

Classification of individuals

Targeting of products/services to individuals or groups

Behavioral analysis (evaluation and rating of emotions, moods, habits, preferences, etc.)

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Assessment of subjects

Valuation

Scoring

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Prediction

Inference of new personal data

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Employee control

Employee evaluation

Job observation

Workplace monitoring

Workplace image recording

Workplace audio recording

Geolocation of workers en route

Monitoring

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Internet access control

Analysis or evaluation of Internet usage time

Internet browsing activity

Alarms on browsing to specific Internet sites

Alarms on browsing to specific Internet contents

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Observation

Image surveillance

Sound surveillance

Communication monitoring

Monitoring of heat or other emissions

Transmission monitoring

Internet monitoring

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Monitoring

IoT management

Image monitoring

Sound monitoring

Communication monitoring

Control of heat or other emissions

Transmission control

Internet control

Geolocation control

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Supervision

Control

Image analysis

Sound analysis

Communications analysis

Analysis of heat or other emissions

Transmission analysis

Internet analysis

Geolocation analysis

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Contact tracing

Apply

Mitigation

Not Mitigated Mitigated

Physical access control

Access control to work premises

Access control to commercial premises

Access control to events

Access control to sports facilities

Access control to buildings (public/private)

Geolocation

Movement profiling

Determination of usual places

Determination of frequent places of access

Personal data inferred from geolocation

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Location

Apply

Mitigation

Not Mitigated Mitigated

Univocal identification

Apply

Mitigation

Not Mitigated Mitigated

Automated decisions without human intervention

Apply

Mitigation

Not Mitigated Mitigated

Automated processing for decision support

DSS

Business intelligence that exceeds purely statistical data

AI

Data mining

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Deciding on, or preventing, the exercise of fundamental rights

Impedes or hinders:

Right to equality

Right to non-discrimination

Right to life and physical integrity

Right to religious freedom

Right to personal freedom

Right to privacy

Right to self-image

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Deciding on the data subject's control of his or her personal data

Prevents or hinders:

Right of access

Right of rectification

Right of opposition

Right of erasure

Right to limitation of processing

The right not to be subject to automated decisions

Right to portability

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Deciding on access to a service

Apply

Mitigation

Not Mitigated Mitigated

Deciding on the execution or performance of a contract

Apply

Mitigation

Not Mitigated Mitigated

Deciding on access to financial services

Apply

Mitigation

Not Mitigated Mitigated

Legal effects on persons

Apply

Mitigation

Not Mitigated Mitigated

Genetically based disease/health assessment and/or prediction

Apply

Mitigation

Not Mitigated Mitigated

Preservation for archival purposes

Apply

Mitigation

Not Mitigated Mitigated

Types of data used

Risk factors related to the scope of the processing which arise from the data collected, processed or inferred in the processing.

Personal documents

Personal mail

Personal letters

Diaries

E-reader notes

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Information from vital logger applications

Apply

Mitigation

Not Mitigated Mitigated

Personal aspects

People or groups with whom you relate

Temperament

Character

Intelligence

Social roles

Ability to adapt

Risk tolerance

Audiovisual content tastes/preferences

Habits

Personal interests

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Consumption preferences, tastes, habits (no special categories)

Consumption preferences

Consumption habits

Preferences for audiovisual content in different media

Leisure preferences

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Job performance

Access control

Image recording

Audio recording

Worker evaluation

Equipment monitoring

Performance inference

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Economic situation

Personal income

Monthly income

Assets (movable/immovable property)

Employment status

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Financial statement

Financial solvency

Debt capacity

Level of debt (personal loans, mortgages)

Solvency lists

Debts

Assets

Liabilities

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Means of payment

Credit cards

Information on access to virtual currency services

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Behavioural data

Apply

Mitigation

Not Mitigated Mitigated

Location data

Travel log

Record of usual places

Record of routines based on location

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Very personal data

Very personal data not included in previous classifications

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Health data

Medical records

Health reports

Health-related sick leave reports

Medical prescriptions

Related to physical health

Related to mental health

Related to health care service delivery

iHealth Apps

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Biometric data

Fingerprint

Facial features

Iris

Palm veins

Voice

Ear

Gestures

Gait

Body descriptors of any kind

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Genetic data

Apply

Mitigation

Not Mitigated Mitigated

Special categories of data, or data that allow special categories of data to be inferred

Ethnic origin

Racial origin

Political opinions

Religious convictions

Philosophical convictions

Trade union membership

Health-related data

Data concerning sexual life/orientation

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Special categories of pseudonymised data

Apply

Mitigation

Not Mitigated Mitigated

Personal data relating to convictions and criminal (or administrative) offences

Apply

Mitigation

Not Mitigated Mitigated

Metadata

Electronic communications traffic data

Identification of sender and/or receiver in communications

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Unique identifiers

IP

MAC

IMSI or IMEI

Device ID

Phone No.

DNI, NIE, Passport No. or equivalent

Social security number

Vehicle registration number

Credit card number

UID

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Electronic communications data and metadata

E-mails

Instant messages

Phone calls

Video calls

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Web browsing data

Logs of:

Visited pages

Activity time

Visits

Connections

Mouse activity

Browser/device used

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Extent and scope of data processing

Risk factors related to the scope of the processing, arising from the number of data subjects concerned, the diversity of data or aspects processed, the duration in time, the volume of data, the geographical extent, the completeness of the information on the individual, the frequency of collection, etc.

Systematic

Occurs according to a system

Is pre-established, organized or methodical

Occurs as part of an overall data collection plan

Carried out as part of a strategy

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Comprehensive on people

A wide variety of different elements are collected and processed

Multiple areas of your life

Different aspects of personality are covered

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Involves a large number of data subjects

The number of affected data subjects is high in absolute numbers.

The number of affected data subjects is high in relation to the corresponding population.

The number of data subjects is relevant in relation to the geographic extension.

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

The volume of data processed is very high

Apply

Mitigation

Not Mitigated Mitigated

Long processing duration

The permanence of the processing is high

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Large geographic scope of processing activity

Regional, national or supranational level

Other

Enter risk factor

Mitigation

Not Mitigated Mitigated

Large-scale processi