As a complete beginner on the subject, I am wondering if the DPIA is to be performed is dependent on the size of the company. In other words, do you treat a one-man company differently to a company with 200 plus employees? On an even simpler level, does my own business contact list also fall within the DPGR and must it be maintained separately from my personal contact list?
DPIAs are not depended on the size of the company but are related only to the processing activities. If you acting as a sole trader that would perform processing activities that would fall into the high risk category a DPIA would be needed.