Outsourced Privacy Engineering Team

Based on the principles of Privacy by Design, we will check your code, application or website for compliance with the General Data Protection Regulations. 

DESCRIPTION
Outsourced Privacy Engineering Team

PETeam is a team formed by a certified GDPR expert, an engineer (software architect), and, if necessary, one or more programmers. All you need to do is to test the work and implement solutions.

Results

Optimization of processes (workflow), added required functionality (automatization of the exercise of the subject’s rights, setting up system rules for data deletion, and development of customized documentation (privacy notice, checkboxes, cookie banner, DPA, SCC, Declaration of GDPR compliance, etc.)). Your team gains experience and knowledge in the implementation of the upcoming projects and tasks.

When launching a software on EU market you may face the following issues:
Your product does not comply with the strict rules of the European Union or marketplace.

It is the risk of a huge multimillion fine, non-admission or ban of the app in marketplaces, a drop in the company's value, loss of customers, and damage to reputation.

You are not starting the development because you do not know which of the many GDPR requirements apply to your product.

Because of this, deadlines are missed, and each month of delay means lost profits and opportunities.

You are acting at random, and you are not sure of the effectiveness of your solutions.

You may be doing unnecessary work or complicating things that can be made easier. Probably, you will have to make changes and incur unplanned losses.

You are a customer of the application/site/system and hope that due to contractual conditions, the developer will embed privacy into the product.

However, you don't know how to make a specification so that it complies with the GDPR, or don't know how to perform acceptance testing of the product to ensure full compliance of the product with the GDPR.

You want to win or have already won a dream tender.

Your client has sent you a questionnaire with questions about the GDPR and Privacy by design. Unfortunately, you do not know how to answer them correctly, how to prepare for the annual client's audit, or whether your product meets the requirements of the tender.

Users have started to request or ask to delete their data frequently.

You respond to everyone on time, but users address regulatory authorities with a complaint that you have been storing their data for too long or unreasonably.

What happens after you contact us?

1
Step 1.

We make a product audit: we determine the need and possibility of a PETeam intervention. For example, we've looked at a small product and have made one of the following expert assessments: 1) changes are necessary and possible; 2) you do not need any changes; 3) it is cheaper to rewrite it from scratch.

2
Step 2.

If we decide to join your project, an onboarding of our team is carried out. We study the goal, processes, architecture, style, design, data flows, and processing, and get familiar with the development methodology in the team. We select personal data in the data model and where and how they are stored and processed.

3
Step 3.

We plan further improvements by developing a list of tasks (scope of the work), stages, blocks, evaluating them, and planning sprints.

4
Step 4.

We participate in team development, consulting, meetings, and brainstorming. We participate in the testing and finalization of the product.

5
Step 5.
We conduct a final product audit, acceptance testing, and prepare the report.

The PETeam will help you develop a product that complies with the GDPR.

Cost

The cost is based on the results of the audit. Payments are made on a monthly basis for the team and completed tasks.

You still may have these questions:

Chances are extremely low, but this will become clear in the course of the first audit. We have cases when we might have to refuse the product or rewrite it from scratch, but we had found simple and creative solutions and “had saved” the created product.

Also, we will not need to remake the product if the errors in it have a minimal level of risk and you can accept them. We will inform you about all the shortcomings and their level of risk. Thus, you will be able to make an informed decision about the changes that should be implemented and the optional changes.

If you have a lot of employees and there are no product launch deadlines, you can devote a year or two to the improvement of employees’ skills, hiring an external GDPR consultant, and searching for the optimal technical solution using the search method.


However, if you need to do the work effectively and in a short period of time, one would agree that it’s easier to hire a team that already has relevant experience and knowledge. All our developers have experience in implementing the GDPR at the technical level (privacy engineer).

We assume legal obligations by signing non-disclosure and non-compete agreements. We are also ready to consider working on your devices and in your offices.

It depends. As a rule, it will be more expensive to train your employees, discover violations of the Regulation, find a suitable solution, and conduct an audit than to hire our team. 

However, it is cheaper to work with us than to pay a fine, rewrite the entire product, and cede the EU market to competitors. In particular, we invite only competent and experienced specialists with a unique specialization who have a high value in the labor market to join our team. Thus, by hiring our PETeam, you invest in high-quality work and guaranteed results within the planned time frame. And only you decide how valuable it is.

Because your tester knows the product, and it would be quite expensive to transfer this knowledge. Therefore, to ensure better quality, we recommend you using your tester.

We conduct a final audit and sign a report that can be shown to supervisors and partners. The audit is conducted by professionals from Data Privacy Office LLC who are internationally certified and do not participate in the development team.

You can also order an audit from a third-party company, and if they discover clear violations of the Regulations, we are ready to eliminate them at our own expense.

We are ready to work in a separate branch without having full access to the entire product.

We implement an internal Code Review. Moreover, we ask you to provide us your employees for an external Code Review.

A unique feature of our company is that if there is a way to balance privacy requirements and customer’s financial interests, we will do it for you. Besides, we will confirm all the tasks needed for embedding the GDPR in your product with the project stakeholders.

We bring together a team of experienced and competent specialists who can adequately assess the deadlines.

At each sprint, we will show you the completed tasks. We will also give you access to our team’s Burn Down Chart.

Competencies and certification

Feedback form

When you complete the form, you will:
  • Have the opportunity to ask questions concerning data protection.
  • Discover if this product is right for your business or project.
  • Receive directions on cost, duration, and other details.

Please contact us to schedule an online meeting with a privacy expert!

P.S. Didn’t find anything that suited your needs on the site? Put a brief description of your situation into the “Comment” field. We will get in touch and offer a personalized solution.