This chart depicts the share of most popular websites with privacy policies before and after GDPR in the European Union 2018, by country. Because of the GDPR regulation, the share of websites with privacy policies was higher in October 2018 than it was in December 2017. The country with the greatest difference was Latvia with 15.7 percentage points.

A dataset of privacy policies in the Greek language, with policies coming from top visited websites in Greece with a privacy policy in the Greek language.

The dataset, as well as results of its analysis are included.

if you want to use this dataset, please cite the relevant conference publication:

Georgia M. Kapitsaki and Maria Papoutsoglou, "A privacy policies dataset in Greek in the GDPR era, in Proceedings of the 27th Pan-Hellenic Conference on Informatics, PCI 2023.

The data consists in crawled privacy policies from European privacy policies. They were split into paragraphs and annotated as containing or not personal data.

The question that was asked to annotators was "Does this paragraph contain the explicit mention of specific personal data (e.g. name, phone number, social security, …) being collected?".

A full description of the dataset can be found in D3.4 of the SMOOTH project

As of January 2025, The European Union (EU) had three fully operating and one upcoming law regarding online privacy and the usage of digital technologies. The first one, the General Data Protection Regulation (GDPR), was enacted in May 2018. The second law became effective on February 17, 2024, and is called the Digital Services Act (DSA). In March 2024, another law protecting consumer privacy, the Digital Markets Act, was enacted. The latest regulation adopted by the European Union (EU) is called the Cyber Resilience Act (CRA), which became active in December 2024.

The PRODIGEES Data Protection Policy details PRODIGEES regulations concerning data collection, use, protection and privacy. The PRODIGEES Data Protection Policy is based upon the laws and regulations of the EU's General Data Protection Regulations (EU-GDPR). Every PRODIGEES staff member and research participant is required to read and consent to the PRODIGEES Data Protection Policy. Horizon 2020 MSCA-RISE, Grant Agreement #873119

The global market for Privacy Policy Generator Software is experiencing robust growth, projected to reach $276 million in 2025 and maintain a Compound Annual Growth Rate (CAGR) of 11.3% from 2025 to 2033. This expansion is fueled by several key drivers. Increasingly stringent data privacy regulations, like GDPR and CCPA, are compelling businesses of all sizes – from large enterprises to small and medium-sized enterprises (SMEs) – to adopt robust privacy policies. The rising adoption of cloud-based and web-based solutions further contributes to market growth, providing businesses with accessible and cost-effective tools to manage their compliance needs. The market is segmented by application (Large Enterprises and SMEs) and type (Cloud-Based and Web-Based), with cloud-based solutions gaining significant traction due to their scalability and ease of use. Competitive landscape is dynamic, featuring established players like IBM alongside specialized providers such as Termly.io, iubenda, Get Terms, PrivacyPolicies.com, Seers Co, Termageddon,LLC, and TermsFeed. The geographical distribution shows strong presence across North America, Europe, and Asia Pacific, reflecting the global reach of data privacy concerns. Future growth will likely be driven by the continuing evolution of data privacy regulations, increasing cyber security threats, and the growing demand for user data transparency and control. The continued digital transformation of businesses worldwide ensures sustained demand for user-friendly and effective privacy policy generation tools. The market is expected to witness further fragmentation as specialized solutions catering to niche industries and specific regulatory requirements emerge. North America is likely to retain its leading market share due to early adoption of privacy regulations and a high concentration of technology companies. However, regions like Asia Pacific are expected to showcase significant growth potential in the coming years, driven by increasing internet penetration and the implementation of stricter data privacy regulations. The competition within the market is likely to intensify as vendors continue to enhance their product offerings with features such as automated policy updates, multi-lingual support, and seamless integration with other compliance tools.

This documents specifies splog, a vocabulary to log data processing and sharing events that should comply with a given consent provided by a data subject. We also model the consent actions related to consent giving and revocation.

See more at: http://purl.org/specialprivacy/splog

This graph shows the results of a survey about the future GDPR impact on M&A due diligence in 2018, by region. In the EMEA area, ** percent of European professionals involved in M&A transactions believed that by 2022 the General Data Protection regulation will increase acquirers’ scrutiny of the data protection policies and processes of target companies.

115 privacy policies from the OPP-115 corpus have been re-annotated with the specific data retention periods disclosed, aligned with the GDPR requirements disclosed in Art. 13 (2)(a). Those retention periods have been categorized into the following 6 distinct cases:

C0: No data retention period is indicated in the privacy policy/segment. C1: A specific data retention period is indicated (e.g., days, weeks, months...). C2: Indicate that the data will be stored indefinitely. C3: A criterion is determined during which a defined period during which the data will be stored can be understood (e.g., as long as the user has an active account). C4: It is indicated that personal data will be stored for an unspecified period, for fraud prevention, legal or security reasons. C5: It is indicated that personal data will be stored for an unspecified period, for purposes other than fraud prevention, legal, or security. Note: If the privacy policy or segment accounts for more than one case, the case with the highest value was annotated (e.g., if case C2 and case C4 apply, C4 is annotated).

Then, the ground truth dataset served as validation for our proposed ChatGPT-based method, the results of which have also been included in this dataset.

Columns description: - policy_id: ID of the policy in the OPP-115 dataset - policy_name: Domain of the privacy policy - policy_text: Privacy policy collected at the time of OPP-115 dataset creation - info_type_value: Type of personal data to which data retention refers - retention_period: Period of retention annotated by OPP-115 annotators - actual_case: Our annotated case ranging from C0-C5 - GPT_case: ChatGPT classification of the case identified in the segment - actual_Comply_GDPR: Boolean denoting True if they apparently comply with GDPR (cases C1-C5) or False if not (case C0) - GPT_Comply_GDPR: Boolean denoting True if they apparently comply with GDPR (cases C1-C5) or False if not (case C0) - paragraphs_retention_period: List containing the paragraphs annotated as Data Retention by OPP-115 annotators and our red text describing the relevant information used for our annotation decision

This is privacy policy for the survey following the guidelines of GDPR

Global Data Privacy & Security (HIPAA/GDPR) is segmented by Application (Consent management, data masking, anomaly detection, audit logs, breach detection, federated analytics, policy enforcement, risk scoring), Type (Encryption tools, audit tools, anonymization, federated learning, access controls, privacy-preserving ML, compliance monitoring, governance platforms) and Geography(North America, LATAM, West Europe, Central & Eastern Europe, Northern Europe, Southern Europe, East Asia, Southeast Asia, South Asia, Central Asia, Oceania, MEA)

According to research conducted in October 2023, one-third of GDPR fines imposed against leading social media platforms were for misuse of children's data. The study found that Instagram saw the highest amount of fines for violating children's data privacy online, receiving 405 million euros of fines between May 2018 and October 2023. TikTok followed, with all its fines in the research period containing violation of children's online privacy.

GDPR-Masked Whois Database, discover comprehensive ownership details, registration dates, and more for domains registered in GDPR-Masked with Whois Data Center.

Comprehensive dataset outlining Advatec’s privacy policy, including data collection practices, user rights, GDPR compliance, and third-party data handling procedures.

The Security Policy Management (SPM) solutions market is experiencing robust growth, driven by the escalating need for enhanced cybersecurity in a rapidly evolving digital landscape. The increasing complexity of IT infrastructure, coupled with the proliferation of cloud services and remote work, necessitates robust and centralized policy management. Organizations face mounting pressure to comply with stringent data privacy regulations like GDPR and CCPA, further fueling the demand for sophisticated SPM solutions. The market, estimated at $5 billion in 2025, is projected to witness a Compound Annual Growth Rate (CAGR) of 12% through 2033, reaching an estimated $12 billion by then. This growth is propelled by the adoption of advanced technologies like artificial intelligence (AI) and machine learning (ML) to automate policy enforcement and improve threat detection. Leading vendors such as Google, Amazon, Cisco, and Check Point are investing heavily in R&D to offer innovative SPM solutions that address the dynamic needs of enterprises across various sectors. The market segmentation reveals significant opportunities within specific verticals. The financial services sector, for example, is expected to drive significant growth due to strict regulatory compliance demands and the high value of the data they manage. Similarly, the healthcare industry faces increasing pressure to protect sensitive patient information, contributing to strong growth in this segment. However, the market faces certain restraints, including the high initial investment costs associated with implementing SPM solutions and the complexity of integrating these solutions with existing IT infrastructure. Despite these challenges, the long-term outlook for the SPM market remains positive, fueled by continuous innovation and increasing awareness of the importance of effective security policy management.

The market for Privacy Policy Generator Software is experiencing a steady growth, driven by increasing concerns over data privacy and regulatory compliance. The market size stood at $260.3 million in 2025, and is projected to reach $589.9 million by 2033, exhibiting a CAGR of 10.8% from 2025 to 2033. The proliferation of personal data collection, coupled with stringent data protection regulations like GDPR and CCPA, is propelling the adoption of this software among businesses. Key market trends include the rise of cloud-based solutions, catering to the growing need for flexibility and reduced infrastructure costs. Large enterprises are actively leveraging these solutions to manage the complexities of privacy compliance. Additionally, the increasing adoption of privacy policies across verticals such as e-commerce, healthcare, and financial services is further fueling the market growth. The major players in the market include Termly.io, iubenda, Get Terms, PrivacyPolicies.com, IBM, Seers Co., Termageddon, LLC, TermsFeed, and AppPrivacy.com. North America remains the dominant region for this market, followed by Europe and Asia-Pacific.

The Corporate Compliance Solutions market is experiencing robust growth, projected to reach $2513.3 million in 2025. While the provided CAGR is missing, considering the increasing regulatory scrutiny across industries, coupled with the rising adoption of digital technologies for compliance management, a conservative estimate of a 10% CAGR for the forecast period (2025-2033) is reasonable. This growth is driven by several factors: the ever-increasing complexity of global regulations (like GDPR and others), the need to mitigate reputational and financial risks associated with non-compliance, and the growing awareness of the importance of ethical business practices. The market is segmented by solution type (Risk Management Systems, Continuous Controls Monitoring, GDPR Compliance Software, Policy Management, EHS Management Software, Whistleblowing Software, and Others) and application (SMEs and Large Enterprises). Large enterprises are currently the dominant segment, but the adoption rate among SMEs is anticipated to rise significantly, driven by cost-effective cloud-based solutions and increasing regulatory pressure. The market's growth is further fueled by advancements in technology, including artificial intelligence (AI) and machine learning (ML), which automate compliance processes, improve accuracy, and reduce manual effort. However, challenges such as high initial investment costs for implementing comprehensive compliance solutions, and the need for continuous updates to adapt to evolving regulations, pose some restraints. Despite these challenges, the market is expected to witness a sustained period of expansion, driven by the ongoing need for businesses to ensure legal and ethical operations across all aspects of their business globally. The expanding focus on ESG (environmental, social, and governance) factors is also likely to catalyze further investment and development in the corporate compliance space, driving market expansion throughout the forecast period.

Whole genome/exome sequencing (WGS/WES) has become widely adopted in research and, more recently, in clinical settings. Many hope that the information obtained from the interpretation of these data will have medical benefits for patients and—in some cases—also their biological relatives. Because of the manifold possibilities to reuse genomic data, enabling sequenced individuals to access their own raw (uninterpreted) genomic data is a highly debated issue. This paper reports some of the first empirical findings on personal genome access policies and practices. We interviewed 39 respondents, working at 33 institutions in 21 countries across Europe. These sequencing institutions generate massive amounts of WGS/WES data and represent varying organisational structures and operational models. Taken together, in total, these institutions have sequenced ∼317,259 genomes and exomes to date. Most of the sequencing institutions reported that they are able to store raw genomic data in compliance with various national regulations, although there was a lack of standardisation of storage formats. Interviewees from 12 of the 33 institutions included in our study reported that they had received requests for personal access to raw genomic data from sequenced individuals. In the absence of policies on how to process such requests, these were decided on an ad hoc basis; in the end, at least 28 requests were granted, while there were no reports of requests being rejected. Given the rights, interests, and liabilities at stake, it is essential that sequencing institutions adopt clear policies and processes for raw genomic data retention and personal access.

This deliverable discusses the technical, legal, and practical requirements for running a public hacking challenge program and maximizing its outcome. It also provides a concrete plan and delivers the first challenge call for entries and the accompanying program policy

The Policy Management Software market, currently valued at $489 million in 2025, is projected to experience robust growth, driven by increasing regulatory compliance needs across industries and the rising adoption of cloud-based solutions. The 7.5% CAGR from 2025 to 2033 indicates a significant expansion, fueled by the need for efficient policy creation, distribution, and management across large enterprises and SMEs. This growth is further accelerated by evolving trends such as the increased focus on data privacy regulations (GDPR, CCPA, etc.), the need for streamlined audit trails, and the growing demand for automated workflows within policy management. While initial investment costs and integration complexities might present some restraints, the long-term benefits of reduced operational costs, improved risk mitigation, and enhanced compliance outweigh these challenges. The market is segmented by application (large enterprises showing higher adoption than SMEs initially, but with SME growth expected to accelerate) and deployment type (cloud-based solutions are expected to dominate due to scalability and accessibility). Geographic analysis indicates that North America currently holds the largest market share, followed by Europe and Asia Pacific, with significant growth potential in emerging markets. The competitive landscape involves both established players and niche providers, each offering unique features catering to diverse customer needs. The market's future is promising, particularly with the continued rise of digital transformation and the ever-increasing complexity of regulatory frameworks. The competitive landscape is dynamic, with companies like PowerDMS, ClauseMatch, and MetricStream leading the charge. These established players are constantly innovating, integrating AI and machine learning capabilities to enhance their offerings and provide more sophisticated policy management tools. The market is also attracting several specialized solutions catering to specific industries like healthcare (Florence Healthcare, MCN Healthcare Policy Manager) further indicating the market's depth and its expansion into specialized niches. The predicted growth will depend on continued technological advancements, increasing awareness of the benefits of efficient policy management, and the successful navigation of the challenges associated with data security and seamless integration with existing enterprise systems. The next decade promises to be a period of significant expansion for the Policy Management Software market, with significant opportunities for both established players and new entrants.