Discover your privacy maturity level

Take our free privacy maturity assessment and find out which concrete actions you’d need to take to achieve your organization’s desired privacy maturity level.

As there are many privacy laws out there, it’s important to note that our assessment focuses primarily on the GDPR.

* The assessment will require you to share your personal data as stated in our privacy policy in order to receive your maturity score.

What is a privacy maturity level?

Though there are several frameworks to determine privacy maturity levels, the general concept is the same: A privacy maturity level indicates how capable an organization is at handling everything related to privacy legislation such as GDPR. This includes processes, procedures, policies, awareness trainings, continuous improvement, reporting etc.

The most known maturity model is the Capability Maturity Model Integration (or, CMMI). It’s been applied to several different sectors like marketing, sales, finance, human resources… with organizations ending up at one of five maturity levels:

  1. Initial
  2. Managed
  3. Defined
  4. Quanitatively managed
  5. Optimizing

How does the free privacy maturity assessment work?

Usually, the maturity level is the aggregate of several subdomains’ maturity levels. Privacy is no exception. We based our privacy maturity assessment on the model suggested by the Commission Nationale Informatique & Libertés (CNIL), the French Data Protection Supervisory Authority. 

They have defined eight subdomains within privacy with each of them having a maturity level of 1 – 5:

  1.  Defining and implementing data protection procedures
  2. Data protection governance
  3. Maintaining the records of processing activities
  4. Ensuring data processing activities are compliant with privacy law
  5. Educating and raising awareness
  6. Treating data subject requests
  7. Managing security risks
  8. Managing incidents & breaches
Once you know the maturity level for each of those, the aggregate score becomes your organization’s privacy maturity level.

Why is a privacy maturity level useful?


The goal of the privacy maturity level is to give clear instructions to organizations to improve their execution and compliance with privacy laws.

Tailored action plan

Not every organization needs or should aspire to the highest maturity level. The Privacy maturity model allows organizations to determine short and long-term goals, as well as high-level action plans, tailored to their specific situation.


It also proves to be a great way to report the value of departments with typically little direct impact on company performance towards leadership. E.g.: compliance, legal, IT, risk, …

Increase your privacy maturity level

Our software provides structure, automation and reporting capabilities across all eight privacy subdomains, making it the perfect tool to bring your (privacy) organization to the next level

If you’d like to see RESPONSUM in action, fill out the form and get in touch with one of our experts.

* RESPONSUM is committed to protecting and respecting your privacy. We will only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick above to confirm we may contact you. You can unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy ( By clicking submit above, you consent to allow RESPONSUM to store and process the personal information submitted above to provide you the requested communication.


Copyright © RESPONSUM BV

ISO certification logo