GDPR Compliance

We present general information about GDPR to your company and help you determine to what extent these regulations apply to you:

What is GDPR and which organisations does it apply to? What are its main principles? What are the rights of individuals whose personal data are being handled? What obligations do organisations that handle this type of data face? What processes must be put in place? What penalties apply in case of data breaches and, in general, in case of non-compliance?

We analyse the manner in which personal data are currently handled in your company:

  • All data of a personal nature handled by your company are mapped: What type of personal data is collected and managed, and for what purpose? Where are these data stored? Who has access? How are these data currently protected?

  • A list of gaps vs GDPR norms is established

We propose a plan of action to bring your company into compliance with GDPR. This plan comprises:

  • Risks pertaining to the management of personal data are identified and prioritized by level of criticality. A recommendation is issued as to the actions to undertake

  • Existing data management policies are validated for GDPR-compliance, and modified if necessary. For instance:

    • Modification of the right to privacy statement, the cookies policy, …

  • New procedures are developed and implemented to bring you into conformity with GDPR

    • A procedure to follow in case of breaches to your IT systems

    • Design and development of a process to execute a DPIA – a tool allowing you to proactively assess the risks involved in handling personal data

We also offer:

  • Training of users on GDPR

    • GDPR awareness raising sessions for your company’s employees

    • Training on procedures to follow in case of data leakage

  • Data Protection Officer (DPO) as a service