The majority of businesses are failing to comply with GDPR, according to new research

New research reveals that 70% of businesses worldwide failed to address requests made from individuals seeking to obtain a copy of their personal data as required by GDPR (General Data Protection Regulation) within the one-month time limit set out in the regulations.

The research on personal data requests made to 103 companies based or operating in Europe across industries including retail, media, technology, public sector, finance, and travel. Conducted between June 1 and September 3, 2018.

Talend, who conducted the research, assessed responses to GDPR Article 15 (“Right of access by the data subject”) and Article 20 (“Right to data portability”) requests, monitoring areas including GDPR references in privacy policies, and the speed and completeness of responses.

Penny Jones, Research Director at 451 Research said: “GDPR requires insight into company data and its governance,”

“Recent research, including that done by Talend and separate reports by 451 Research, has found that while many organisations understand the importance of GDPR, many are still not taking their data seriously in terms of the technologies and processes they have in place. As a result, many businesses are falling short of their GDPR obligations. They can lack the proper methods for storing, organising or retrieving data in line with the regulation’s requirements.”

Jean-Michel Franco, Senior Director of Data Governance Products at Talend said: “GDPR presents an opportunity to engage with customers and build loyalty. It’s vital for businesses in the digital era to have a 360-degree view of customers,”

“Businesses must ensure that data is consolidated and stored in a transparent and shareable way. What’s more, GDPR’s one-month time limit should be viewed as an absolute deadline rather than a target. Our research shows that it is possible for some brands to respond within a day, suggesting that these brands understand fast response times will help boost customer trust.”


The inaugural Data Protection World Forum (DPWF) will be held on November 20th & 21st 2018 at the ExCeL London which will provide a broader focus across the data protection and privacy space amidst the progressive tightening of global data protection laws.

Ahead of the end of year event, DPWF has launched a series of intensive workshops.

Further information on the DPWF and workshop details are available at: https://www.dataprotectionworldforum.com/