Privacy policy
The General Data Protection Regulation, known as the GDPR, imposes a wide range of requirements and challenges on organizations that collect or process data and is fully binding from 2018 in all EU Member States.
Personal data must be processed lawfully, fairly and transparently, be adequate, relevant and limited to what is necessary and accurate and, where necessary, up-to-date. Any processing of personal data must be secure, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage.
What benefits will you achieve?
- prevention of misuse of personal data
- ensuring lawful and fair data processing
- more efficient management and control of personal data
- reducing the risk of data loss
- increase the satisfaction and trust of customers, employees and other providers of personal data
- reduction of costs associated with inefficient processing and storage of personal data
- avoidance of fines (up to 4% of annual turnover)
How can we help you?
- interpreting the requirements of the Regulation concerning the nature, scope, context and purpose of the data processing in your organization
- examining the need to conduct a personal data protection impact assessment
- conducting an impact assessment on the protection of personal data, i.e. identification and risk assessment according to the model set out in the ISO 31000 guideline or another model adapted to the maturity and current practice in your organization
- establishing risk mitigation measures based on world best practices and rich personal experience
- development and validation of a risk control plan
- drafting and adapting the documents necessary to comply with the requirements of the Regulation;
- introduction into the implementation and supervision of the performance of established policies, processes, measures and documents;
- performing the duties of a data protection officer;
- integration of the requirements of the GDPR with the information security management system according to the ISO / IEC 27001 standard