🇪🇺 Live Workplace Safety & WHS/OHS

EU GDPR

Regulates the processing of personal data of individuals in the European Union, establishing rights for data subjects and obligations for data controllers and processors. Applies to any organization that processes personal data of EU residents.

272

Rules extracted

947

Obligations decomposed

3.5x

Avg obligations per rule

🇪🇺 European Union

Jurisdiction

What AuditDSS covers

Source

Regulation

Extracted

272

Rules

Decomposed

947

Obligations

3.5x

Decomposition ratio

Each rule is decomposed into an average of 3.5 atomic obligations — the smallest testable units that can be independently violated.

Fully extracted & scored

All 947 obligations have been decomposed, titled, risk-scored, and embedded for semantic matching.

Risk scoring

Every obligation in GDPR is scored across independent risk dimensions:

Obligation Weight

How critical within the regulatory framework

Violation Likelihood

How often breached in practice

Enforcement Evidence

Regulator enforcement history and penalties

Cascade Dependency

How many obligations depend on this one

Regulatory details

Full title: EU GDPR
Regulatory body: European Data Protection Board
Jurisdiction: 🇪🇺 European Union
Document type: legislation
Effective date: May 25, 2018
Industry: Workplace Safety & WHS/OHS

Who this applies to

data controllersdata processorsorganisations processing EU residents' data

Key requirements

lawful basis for processing
data subject rights
data breach notification within 72 hours
data protection impact assessments
data protection officer
international transfer safeguards
records of processing

Frequently asked questions about GDPR

What is GDPR?

Who does GDPR apply to?

GDPR applies to data controllers, data processors, organisations processing EU residents' data.

How many obligations does GDPR contain?

AuditDSS has decomposed GDPR into 947 atomic obligations from 272 rules. Each obligation is independently testable and risk-scored.

What are the key requirements of GDPR?

The key requirements include: lawful basis for processing, data subject rights, data breach notification within 72 hours, data protection impact assessments, data protection officer, international transfer safeguards, records of processing.

How can I assess my GDPR compliance?

Upload your compliance policy to AuditDSS. The platform maps your document against all 947 GDPR obligations using deterministic AI scoring — not checklists or LLM summaries. You get a risk-scored gap analysis showing exactly which obligations are covered, partially covered, or missing.

Which jurisdiction enforces GDPR?

GDPR is enforced in European Union by European Data Protection Board.

When did GDPR come into effect?

GDPR became effective on May 25, 2018.

What industry does GDPR apply to?

GDPR is primarily relevant to the Workplace Safety & WHS/OHS industry. AuditDSS covers 45 regulations in this industry sector.

Build a GDPR compliance pack

Don't have a compliance policy yet? AuditDSS generates a complete compliance pack for GDPR — alone or combined with other regulations your business needs. Every clause is mapped to specific obligations.

Policy

High-level commitments and governance framework covering GDPR requirements.

Procedures

Step-by-step operational procedures to implement each policy commitment.

Forms & checklists

Ready-to-use forms, registers, and checklists for day-to-day compliance operations.

Multi-regulation

Combine GDPR with other regulations into a single unified compliance pack for your business.

Build GDPR compliance pack

Already have a policy? Assess it against GDPR

Upload your document

Upload your compliance policy, program manual, or operational document. AuditDSS accepts any text-based document.

AI maps against 947 obligations

Your document is scored against every obligation in GDPR. Each claim is mapped to the obligation tree and evaluated for coverage.

Risk-scored gap report

Receive every gap ranked by risk priority with remediation guidance, enforcement evidence, and cascade impact analysis.