According to some implementations, compliance assessment metrics in a subset of two or more compliance assessment metrics are combined to form a combined compliance assessment metric. Each compliance assessment metric in the subset reflects a level of compliance of a set of rules with a different type of data privacy and/or data security laws, regulations, and/or policy. The set of rules are to manage personal data in an organization instance of a customer of a cloud-based software provider capable of hosting the organization instance in one or more datacenters in a plurality of different geographic regions. In addition, a dashboard, which is part of a data policy compliance service provided by the cloud-based software provider, is caused to be displayed and includes at least the combined compliance assessment metric.