Many organizations want to handle personal data carefully, but find it difficult in practice to apply privacy rules properly. That is why the European Data Protection Board (EDPB) is asking organizations - especially SMEs - to help think of practical tools.
With a public consultation, the EDPB is asking what tools would most help organizations more easily comply with the General Data Protection Regulation (GDPR).
The EDPB is considering different types of tools, such as sample texts, formats, templates and checklists. These tools should support organizations in complying with the AVG without unnecessary administrative burdens.
SME organizations in particular report difficulty in translating legal obligations into workable, daily processes. Better tools will allow them to focus on what is central to them: secure and privacy-conscious business.
The EDPB wants to prevent every organization from having to reinvent the wheel. By offering practical support that fits the daily practice of organizations, compliance becomes easier and more consistent. At the same time, good protection of personal data remains the starting point. The consultation should lead to tools that both reduce the regulatory burden and continue to protect people's rights.
The Autoriteit Persoonsgegevens (AP) strongly urges industry associations to respond. They have knowledge of practice within their sector and know which tools actually help. By sharing their experiences, they can directly contribute to solutions that better meet the needs of companies and other organizations.
Comments can be made through December 3, 2025 via the EDPB website. There you will also find the full explanation of the consultation.
