Solutions
Starting to follow the European standards on the data personal protection, companies have typical questions:
- Are the data we process personal?
- Are our business processes subject to GDPR?
- Do we have to hire a Data Protection Officer?
- How to determine the legal basis for processing personal data?
- What actions should be taken to comply with the GDPR?
The Data Privacy Office team has developed an approach to quickly and competently answer the above questions and, thus, orient the company how to properly move towards compliance with the rules of the Regulations.
We have made the analysis of specific cases as effective and high-quality as possible: we have developed checklists, questionnaires and flowcharts, standardized algorithms and analysis tools.
That is why the first step is always to invite you to an online meeting with an internationally certified expert. First, let’s get acquainted and talk. And secondly, you will be able to understand whether you need to meet the requirements of the GDPR at all. And also decide on the best solution for your case.
What do we offer?
We identify gaps in the work with personal data, as well as analyze the risks arising from these violations. As a result, you get an adapted work plan for correcting errors.
Training and support of the working group (project team) on the implementation of the GDPR based on the ISO27701 or Nymity Privacy Accountability Framework.
To start working with all the privacy rules, businesses need to understand what personal data is collected, what happens to it, why and how long it is processed. In fact, you need to be aware of the movement of personal information as well as of all monetary movements. The solution will be a data register, which must be maintained by each controller in accordance with Article 30 of the GDPR.
We will check your company, individual processes, products and software for compliance with the GDPR. As a result, you will see a complete picture of working with personal data within your business, which will allow you to eliminate existing shortcomings, demonstrate compliance to partners and Supervisory authorities.
The DPIA procedure makes it possible to identify existing and planned measures to protect the company from risks that may arise in the process of working with personal data. We identify, name and evaluate risks for your company. As a result, you will receive a ready-made action plan for their elimination.
Outsourcing of a team consisting of programmers, a software architect and a GDPR specialist. Based on the principles of Privacy by Design, we will check your code, application or website for compliance with the General Data Protection Regulations. As a result, we will fix the shortcomings and pump your employees so that in the future they themselves can implement privacy in all your projects.
The privacy policy needs constant improvements to meet all the updates of the GDPR rules. The existing policy could be outdated, there could be errors in it, which together will lead to a fine for non-compliance with the Regulations. An audit is necessary to maintain relevance.
During the procedure, we interview employees, check sites for trackers, counters, and web forms, determine the goals and legal grounds for processing, and set data retention periods. As a result, you will receive a competent privacy policy that will fully comply with the requirements of the Regulations.
The first step is to bring the company into compliance with the Regulations. After conducting Data mapping, you will determine the scope of work on the implementation of GDPR, stakeholders and risks for the organization. The created plan will be the first step of your company to the Register of personal data processing.
