For your peace of mind about the handling of your personal data
Last year, 144,376 applications and complaints were lodged with the European supervisory authorities.
Source: The European Data Protection Board
GDPR AFFECTS EVERYONE
The processing of personal data does not only affect companies operating in B2C. These days many companies process personal data relating to their customers, partners and employees. As a result, they need to assess the extent to which they fall within the scope of the GDPR and, if necessary, initiate a compliance process.
MAKE GDPR AN OPPORTUNITY
More than just strict compliance, GDPR is an opportunity to evaluate your company's data. Carrying out detailed mapping of personal data processing at the same time provides a structural overview of one of your company's main assets: your data assets.
- WHERE DO YOU STAND IN TERMS OF GDPR COMPLIANCE?
- DO YOU HAVE THE RESOURCES TO MEET YOUR GDPR OBLIGATIONS?
- ARE YOU FULLY CONVERSANT WITH THIS NEW REGULATION?
- DO YOUR EMPLOYEES REALLY UNDERSTAND THE SUBJECT? ?
Business data can only be considered an asset when it is protected. Governance and legal considerations are crucial to achieve an adequate level of protection for your data assets now and in the future. We offer the most appropriate services to meet your data strategy needs.
1. AUDIT & COMPLIANCE
"Due Diligence" of personal data processing within the company in terms of operations, governance, legality and risks. Based on our proven methodology, we propose a complete GDPR compliance path with detailed documentation as required by the regulator, taking into account the relevant elements which demonstrate your responsibility.
2. DPO SUPPORT
Depending on your company's activity, the role of the DPO
may encompass a wide range of skills and require
specific expertise. Resourcing this fully in house represents a potentially disproportionate and unnecessary investment. We put our experience as an external DPO at your service to support your organisation in the implementation and day-to-day management of your GDPR compliance.
3. EXTERNAL DPO
It is not necessary for a company to increase its workforce or to divert part of its teams from their main functions; the GDPR allows for a DPO to be appointed externally, whether a natural or legal person, for its own account or on behalf of a group of companies. We offer you the benefit of our recognised experience in this area to help you define, manage, operate and adapt your GDPR strategy in all the domains covered by this regulation.
4. EU Art. 27 REPRESENTATIVE
Companies not established in the EU but engaged in data processing activities falling within the territorial scope of the GDPR are required to appoint a representative in the EU. We can assist you in setting up your representation in the EU for GDPR purposes, at various levels of engagement, under which we operate on your behalf in accordance with Article 27 of the GDPR, as well as in the processing of personal data of EU residents.
5. Data Protection Impact Assessment (DPIA)
The GDPR imposes the obligation to carry out a DPIA, where a type of data processing is likely to create a significant risk to the rights and freedoms of natural persons, prior to the implementation of the processing operation. We bring significant experience of these phases of the GDPR assessment, combined with our own methodology, to guide you effectively in the running and expected outcomes of a DPIA.
6. MANAGING DATA BREACHES
Personal data breaches can cause serious operational, financial and reputational damage and are probably one of the main reasons for investigation by supervisory authorities. As a result, suitable governance and processes to manage personal data breaches within your organisation should be put in place as soon as possible.
7. SKILLS TRANSFER
• Awareness raising
• "Advanced" GDPR training sessions
• "Basics" GDPR training sessions
• Individual sessions to manage the maintenance of compliance