As a result of the progressive digitalization and the companion simplification of transformation, administration, evaluation and transmission of data, the data privacy becomes increasingly relevant. New risks, abuse possibilities and consequently more challenges, in context with the protection of personal data, arise. To meet this changes the compulsory regulations for the companies have to be adapted to the changing conditions.
As a result, on the 27th of April 2016 the General Data Protection Regulation (GDPR) came into effect. It regulates the data protection and privacy for all companies operating in the European Union. Every private company and public places had two years time to implement this rules. In case of violation, fines up to 20 milion euro or 4% of the worldwide annual turnover of the previous financial year, depending which sum is greater, can be imposed. This fact emphasizes the importance of this regulation.
In order to fullfil the GDPR, companies need to publish their respective privacy policies. Unfortunately, privacy policies tend to be very complicated while hampering the understandability. This research aims to support end consumers in understanding privacy policies, but also the issuing company. Therefore, we want to investigate into the compliance of privacy policies.