If the application involves your clients to enter their info on their own personal devices, Then you definitely qualify for SAQ A. The GDPR protects private knowledge regardless of the engineering utilized for processing that knowledge. It is engineering neutral and relates to each automated and manual processing, presented the https://www.nathanlabsadvisory.com/supply-chain-security.html
