SMOOTH Project

Assisting Micro Enterprises to adopt and be compliant with GDPR

SMOOTH project assists Micro enterprises to adopt and be compliant with the General Data Protection Regulation (GDPR) by designing and implementing easy-to-use and affordable tools to generate awareness on their GDPR obligations and analysing their level of compliance with the new data protection regulation.


Micro-enterprises often lack resources in terms of time, finance, people and knowledge to understand and apply the GDPR requirements, leaving them exposed to involuntary breaches and fines.

SMOOTH project will provide micro enterprises with resources to adopt GDPR in a smooth manner without incurring to unnecessary or unaffordable costs and safeguarding the interests of the EU data subjects on data privacy and security.

On the one hand, SMOOTH will create awareness on the importance of being compliant with the new legislation delivering a practical GDPR interactive handbook tailored to guide micro enterprises through the GDPR requirements. On the other hand, SMOOTH will develop an advanced cloud-based platform for validating the GDPR compliance of their privacy policies, databases as well as their tracking elements in websites and mobile applications. Micro companies will be informed of the elements needed to be GDPR compliant and will be equipped with tailored tools and resources for solving any detected issues.

The project is born from technology partners and data protection authorities and will be co-designed and validated by actual micro companies with the aim of becoming the reference tool platform for GDPR Compliance.

gdpr photo

Objectives of the project

SMOOTH will create a GDPR Online Interactive Handbook (SMOOK), which will provide a detailed guide for MSMEs to understand what the GDPR is, how it affects them and the procedures that need to be followed for becoming compliant with the regulation.

SMOOTH partners will elaborate a meticulous communication and dissemination plan that will leverage the available communication channels to deliver the project’s vision and results to at least 1 million European MSMEs.

SMOOTH’s solution development will include technology to automatically analyse the key text documents related to privacy protection and MSMEs personal data storage repositories, as well as personal data collection and exploitation from websites and mobile apps.

SMOOTH platform will deliver a Compliance Report indicating the aspects of the GDPR for which the MSME was found compliant and the aspects for which incompliance was noticed with specific feedback on how the MSME should proceed to remedy it.

To assess the performance and usability of the platform, SMOOTH will involve within its life cycle at least 60 MSMEs acting as beta-testers in two pilots of the developed technology to get feedback on the performance, usability and interactivity of the platform.

Data Protection Authorities participating in the consortium will offer GDPR audit services for free to MSMEs in Spain and Latvia. In the remaining 26 EU countries, SMOOTH platform services will be offered under a very reasonable fee.

SMOOTH will run a market validation pilot recruiting at least 500 MSMEs to test the developed platform services in a realistic pre-production environment for obtaining valuable feedback on quality of experience, performance and market perception.

Work Packages

SMOOTH project has a total duration of 30 months and is divided in 9 work packages (WPs):

  • WP1 – Management
  • WP2 – Requirements, entry questionnaire and interactive handbook
  • WP3 – Analysis of informative documents on data protection and privacy
  • WP4 – Analysis of data repositories
  • WP5 – Analysis of websites and mobile apps
  • WP6 – SMOOTH Cloud Platform
  • WP7 – Demonstration, piloting and market validation
  • WP8 – Exploitation, Dissemination, Communication
  • WP9 – Ethical, legal, social and data management aspects

Expected impact

  • Support for data protection fundamental right
  • Increased trust and confidence in the Digital Single Market
  • Increase in the use of privacy-by-design principles in ICT systems and services
  • Support the forthcoming ePRIVACY regulations
  • Enhanced innovation capacity and competitiveness of European Market
lock smooth


Related EU-funded Projects


Data Governance for supporting GDPR


Support Training Activities on the data protection Reform

European Observatory of research and innovation in the field of cybersecurity and privacy