GDPR and Privacy Projects
Integrate GDPR into all your products and services
The purpose of GDPR is to protect all personal data in a world with increasingly fast flowing data. Everyone has the right to access their own data and the right for it to be forgotten – which is precisely why the right of companies to obtain and retain personal data is restricted.
For many companies, this means adopting new practices. Procedures, products and services have to be altered so that companies collect data ONLY for specific purposes and ONLY to a reasonable extent. New GDPR practices, which are the responsibility of senior management, must be part of the mindset of the entire company and its employees.
Let us educate your company on secure data protection
The aim of this service is to train your company’s management and staff as a step towards GDPR compliance. We can devise and implement a programme for your company.
We adapt the programme to the individual company, kicking off our collaboration with a workshop, during which we analyse all business processes in the company, looking at collection and storage of data, e.g. IT systems (website, online store and content management system), suppliers and products. We discuss the company’s IT security needs and map out the necessary steps towards GDPR compliance, also examining whether it is necessary to have a DPO.
As your consultants, we make recommendations and draw up check lists and necessary standards. This process also involves tasks for the company’s staff.
In most cases, 3-5 implementation meetings are necessary, depending on the extent of the task and the size of your company. We focus on what new tools your company needs and what existing systems can be integrated and reused.
Together we assess the situation and ensure that your company:
- develops a GDPR mindset among management and staff
- defines procedures in the case of data breaches
- keeps track of the rights of all registered individuals, including necessary declarations of consent
- has IT procedures for security, privacy settings and disaster recovery
- implements the necessary management tools
- has support for GDPR auditing
Management and employees
It is important to designate one or more people from within your company to have oversight over internal GDPR processes and to also have the authority to make decisions on any arising matters. In the case of small and medium-sized companies, they will typically be the company proprietor/CEO, CFO or CHRO.