The European Data Protection Board (EDPB) has launched a new guide to help small businesses comply with the General Data Protection Regulation (GDPR). The guide provides practical advice and guidance on how to protect personal data and ensure compliance with the GDPR.  

The guide is aimed at small and medium-sized enterprises (SMEs) that may not have the resources or expertise to navigate the complex data protection landscape. It covers a range of topics, including data processing, data security, data breaches, and data subject rights. SMEs play a vital role in the European economy, but they often face challenges in complying with the GDPR. 

In this guide, SMEs will find various tools and practical tips to help them comply with the GDPR. It includes concrete examples gathered during our 5 years of experience with the GDPR.” said Andrea Jelinek, the Chair of the EDPB.  

The guide includes a range of resources such as videos, infographics, interactive flowcharts, and other practical materials designed to provide guidance on data protection practices for SMEs. These resources are aimed at helping SMEs understand their obligations under the GDPR and providing practical advice on how to implement data protection measures. 

Additionally, the guide provides an overview of other handy materials developed by national Data Protection Authorities (DPAs) to further assist SMEs in implementing data protection practices. It offers, among others, guidance on conducting a Data Protection Impact Assessment (DPIA), ensuring the security of personal data, and how to handle data breaches, such as notifying the relevant supervisory authority and data subjects. 

The guide is available on the EDPB’s website at  


Do you have any questions about developments within privacy and data protection? Contact us, the Experts in Data Privacy, at for more information.