logo data protection rating
icon the data protection rating

The Data Protection Rating

The Data Protection Rating assesses, in a simple and transparent way, the trustworthiness of the current data protection measures of your organization or your business partners.
Here you can find the requirements of the Data Protection Maturity Level Scheme posed in the Data Protection Rating as a downloadable PDF for viewing.
Further details can be found on the website of KSÖ.
graphic the data protection rating
The requirements of the scheme are reviewed annually by the Data Protection Advisory Board.
The Data Protection Rating is based on 25 practical questions that are easy for you to answer with minimal effort.
The Data Protection Rating can be used for both tendering processes and existing customers, and is available in Austria's largest IT security and data protection database.

Why Get a Data Protection Rating?

icon arrow

Organizations processing personal data under GDPR must also implement data protection measures with their suppliers. The Data Protection Rating provides an efficient method for assessing the trustworthiness of suppliers or organizations through a verified self-assessment.

An Overview of the Assessment Process

The rating process consists of six steps and is individually validated, answer by answer, by leading data protection experts.
graphic procedure of the data protection rating

The Data Protection Manager

With the Data Protection Manager, thousands of suppliers can be imported and organized. This provides a simple and clear overview of the most important suppliers from a data privacy perspective at a glance.
graphic the data protection manager
All Benefits at a Glance
icon arrow

Effective Risk Management

The Data Protection Rating supports you in risk management by helping to identify and minimize data privacy risks in the supply chain. By assessing data privacy practices, organizations can identify potential vulnerabilities and take appropriate measures to reduce the risk of a data privacy breach.

Only 25 Questions

The assessment of the Data Protection Rating is based on 25 practical questions, including ten so-called 'minimum requirements' - requirements that must be strictly complied with according to GDPR - which are easy for you to answer with little effort


A good data privacy rating not only provides a sense of security but also reduces the risk of data breaches and associated legal consequences. By fulfilling the obligations of the GDPR and other data protection laws, the organization can protect itself from fines, reputational damage, and legal issues.

Transparent and Secure

The questions posed in the Data Protection Rating are publicly accessible at all times. This means you can inform yourself before starting the assessment. After completion and provision of the Data Privacy Rating, the responses to the requirements (self-declaration) will be deleted after two weeks.

Ahead of the Competition

Organizations with a positive Data Protection Rating enjoy a clear competitive advantage. A solid rating signals to potential customers and partners that the organization takes data protection seriously and implements appropriate measures.

Always Up-To-Date

The questions of the Data Protection Rating are annually maintained and optimized by the Data Protection Advisory Board to ensure an up-to-date security standard. This ensures ongoing compliance with regulatory requirements. Therefore, the rating is valid for one year.

More Information

If you would like to learn more about the rating, our team is always available to assist you.

Ready for your Data Protection Rating?

Show your business partners that your organization implements trustworthy data protection measures - secure your rating today.

Information Materials

In Collaboration with