GDPR Readiness Survey for Software and SMEs

Why Did We Bother?

As a GDPR Compliance Software company, we wanted to find out the state of the market and whether our solutions is useful, as well as how we can improve to offer more value.

Data We Collected

In this GDPR Readiness Survey, we investigated 100 different software companies and startups of varying sizes, ranging from 1–250 employees in order to get varied data from all companies across the spectrum . We collected the survey in a GDPR compliant way. Here is a breakdown of some of the demographic data we employed:

  • 1–250 employee companies.
  • Worldwide locations, but operate in the EU or store EU citizens’ data.
  • We opted for quantitative & qualitative data.
  • We combined open ended questions with multiple answer questions.
  • We investigated the biggest challenges SME and software companies faced in being GDPR compliant.
  • We offered different aspects of GDPR requirements and requested respondents mark with which they comply with and leave blank those that they do not comply with.
  • The respondent’s annual budget for compliance efforts.

What Did We Find?

Our results from GDPR Readiness Survey were quite surprising, and illustrated a fairly accurate environment surrounding GDPR in the real world.

So how many companies were GDPR compliant?

What we found interesting though, was that 52% of survey respondents believed that they are fully GDPR compliant — an indicator that there is a lot of groundwork to cover up in small businesses and software companies industry wide. The reasons for this low number of that metric were also surprising, and that smaller businesses are less inclined to comply compared to the larger companies with more resources.

What were our respondents reasons for lack of GDPR compliance?

Further to this, our GDPR Readiness Survey found 38% of companies believed the new regulations were too complicated, and rightly so. The idea of GDPR was to remove any kind of uncertainty or loophole opportunities from previous legislation, as well as unify the European stance on data handling and processing.

Of those that were compliant, what steps had they taken?

Despite a clear lack of monetary investment in GDPR compliance, it was great to see that most companies, regardless of size, took steps and measures to comply with GDPR, with all software companies and SMEs we surveyed reporting that they updated their Privacy Policies to acknowledge GDPR and explain how they were taking steps to be compliant.

Software was the name of the game

The startup mentality was in fact in full swing here, as many respondents admitted to using a third party compliance software tool, instead of lawyers support, to quickly handle generating a new Privacy Policy and Cookie Consent document, although how accurate those policies are in line with GDPR and the businesses using the software is unknown.

GDPR Readiness Key Statistics

Overall, GDPR readiness in software companies and SMEs is an ever changing, dynamic landscape of variable compliance levels depending on budget, size of company and departmental dedication.

  • More than 52% of the companies surveyed think they are GDPR complaint (according to our GDPR Readiness Survey).
  • The two biggest reasons for investing in compliancy was the fear of lawsuits and meeting customer expectations.
  • 38% of companies think that the law is too complicated.
  • All customers have updated their privacy policy documentation in line with GDPR.
  • Privacy Policy and Cookie Consent documents are compiled using third party software tools instead of internally for the majority of respondents.


Below are the questions and survey results from our GDPR Readiness Survey for your own interpretation

What is the employee count of your company?
Employee Size (GDPR Readiness Survey Question 1)
Where is your headquarter based?
Geographic Presence (GDPR Readiness Survey Question 2)
Do you get external help for the GDPR?
External vs Internal Help (GDPR Readiness Survey Question 3)
Which department is leading/responsible for your GDPR efforts?
Department Role in the GDPR (GDPR Readiness Survey Question 4)
Which of the following best describes your state of GDPR compliance?
Current State of GDPR Compliance (GDPR Readiness Survey Question 5)
What were your reasons for investing in GDPR compliance?
Reasons to invest in the GDPR (GDPR Readiness Survey Question 6)
What is the biggest challenge about the GDPR?
Biggest Challenge in the GDPR (GDPR Readiness Survey Question 7)
Please choose the key requirements you have already executed:
GDPR Requirements Executed (GDPR Readiness Survey Question 8)
Please choose the key requirements you have already executed with a software service:
GDPR Execution with a Software (GDPR Readiness Survey Question 9)
GDPR Budget Distribution
Annual Budget for the GDPR in SMEs (GDPR Readiness Survey Question 10)
What was the impact of GDPR Compliance?
Impact of the GDPR (GDPR Readiness Survey Question 11)
Now that the 25th May GDPR deadline has passed, how will the data privacy management change at your company?GDPR Readiness Survey Question
GDPR Importance after 25th May (GDPR Readiness Survey Question 12)
Do you plan to increase investment in technology and tools to support your ongoing GDPR compliance efforts? GDPR Readiness Survey Question
Investment in technology for the GDPR compliance efforts (GDPR Readiness Survey Question 13)



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store