2023 Data Protection Checklist

We are excited to announce that the 2023 Data Protection Checklist is now available for public consultation! We encourage you to download the consultation version and share with us any question or feedback.

The 2023 Data Protection Checklist is open for public consultation.

We are excited to announce that the 2023 Data Protection Checklist is now available for public consultation. This document is a useful tool for ensuring that your organization remains compliant with data protection regulations and best practices. By downloading the checklist, you can review your current data protection policies and procedures, and make any necessary changes to ensure that you are protecting sensitive information. We encourage you to download the checklist before submitting any comments or suggestions you may have, to help us continue to improve this valuable resource.


Submit your feedback

Making sense of a fragmented landscape

Professionals and organisations collecting personal data worldwide face a fragmented patchwork of regulations that they must comply with. Developing a compliance programme that meets the world's various requirements can be complicated, particularly for small and medium-sized organisations that may not always have access to top legal and compliance advice.

That's where the Data Protection Checklist comes in. It is a practical tool designed to support you in ensuring that your compliance programme is built around the key compliance issues that lawmakers and regulators care about. It can help you identify gaps in your compliance programme based on requirements that apply across markets.

Built on a solid global foundation

Our checklist is built on common principles that underpin all data protection legislation around the world. They have been set by government bodies united in the international Organisation for Economic Development and Cooperation (OECD) and require:

  • Minimum impact for the individuals whose data is being collected

  • Appropriate notice and consent for the individuals

  • The responsibility to guarantee data integrity and security

  • The responsibility to safely manage any transfers of data

  • The publication of one's privacy policy

  • Special care when dealing with collecting data from children, business-to-business, photographs, audio and video recordings, cloud storage and anonymisation.

Written by compliance and insights experts

The Data Protection Checklist was drafted by an international project team featuring both data protection and compliance experts and professionals working on international data, research and insights projects to help resolve the most pressing operational issues.

Rupert van Hüllen
ESOMAR Committee Member, Global Chief Privacy Officer, Ipsos at Ipsos
Ravinder Roopra
ESOMAR Committee Member
Kim Smouter
ESOMAR Committee Member, Chair of ESOMAR's Legal Affairs Committee at ENAR
Judith Passingham
ESOMAR Committee Member, Chair of the Professional Standards Committee at ESOMAR
Prof. Dr. Raimund Wildner
ESOMAR Committee Member, Managing Director and Vice-President at GfK
Philippe Guilbert
ESOMAR Committee Member, Consultant at Syntec Conseil
Reg Baker
ESOMAR Ambassador, ESOMAR Ambassador for North America at ESOMAR
Kathy Joe
ESOMAR Staff, Research World Editorial Consultant at ESOMAR