An essential aim of the data protection regulation is to protect the fundamental rights of data subjects. We need to evaluate the risks to these rights and weigh them against other fundamental rights positions in various assessments. This includes data protection risk assessments of Art. 24, 25 and 32 as well as 36 GDPR, Art 6f, GDPR, for legitimate interest and more. Beyond the rights to “private life” and “protection of personal data” (Art.7 & 8) there is a number of fundamental rights potentially infringed by data processing. If we think about it, we recognize it is not so obvious which data processing means and practices affect which fundamental rights. In this workshop we want to address these questions and draw on the multidisciplinary expertise of the workshop’s attendees. After a short intro in the topic and a presentation of the fundamental rights of the EU Charta of fundamental rights, we collect concrete scenarios of personalization and conduct a world café.