GDPR compliance and implementation is a complex but necessary process
Regulatory compliance has become necessary due to growing public concerns about data collection, storage and disposal. Fines for non-compliance can be up to 20 million euros or up to 4% of the total global turnover of the previous fiscal year. Through correct and efficient implementation, we ensure that the integrity of the company is preserved.
What it entails:
- Drafting of documentation and procedures for GDPR implementation
- Identifying and defining the legal bases for the collection, processing and storage of personal data
- Adaptation of documentation and internal policies in the company, marketing documentation and product/service documentation
- Consulting on the inclusion of the basic principles of the GDPR in the company’s procedures, documents, policies and products (in the recruitment processes, selection of suppliers, customers, in the design of the products and services used, etc.)
- Updating internal regulations and job descriptions;
- Updating existing contractual provisions – employment contracts, supplier contracts, collaboration contracts (confidentiality clauses, clauses regarding the protection of personal data);
- Drafting of annexes/agreements regarding the protection of personal data in contractual relationships – employment contracts, supplier contracts, collaboration contracts;
- Preparation of a security breach/violation register and security documentation;
- Preparation of a supplier register and a supplier evaluation/selection procedure;
- Drafting a procedure for the management of security breaches and their notification to the Authority;
- Editing relevant parts of marketing and sales documents;
- Editing relevant parts of product/service technical documentation;
- Drafting of other documents, according to the needs identified in the audit report.
We can also help with the implementation of the following policies:
- Cookies policy
- Terms and Conditions
- Data Protection Impact Assessment Guide
- Bring Your Own Device Policy
- Device handover protocol
- Data Storage Policy
- GDPR rights form
- Guide to the Role of the Data Protection Officer
- Procedure regarding requests from data subjects
GDPR website compliance:
Any website must be GDPR compliant and adhere to security measures and privacy regulations.
Since the website is the main public face of any company, it is very important that you comply with all data protection standards.
What does it involve?
- A full website audit to identify missing policies and potential risks
- Developing the necessary policies, together with the client, to ensure a fully compliant website
- Compliance with privacy and e-commerce regulations.