A General Agreement on Data Protection of European scope, in force since May 2016, will be directly applicable to all EU Members from the 25th May 2018.
It applies to all EU established companies or, if established outside the EU, that process data of EU residents, independently of their size or activity, and with increased requirements, obligations and responsibilities:
1. Privacy by Design and Privacy by Default, what translates into by the enforcement of technical and organizational measures that meet the requirements of GPDR from collection to its erasure.
2. Companies’ responsibility to demonstrate their compliance with the new Regulation.
3. Data breach notifications
4. Reinforcement of the rights of data subjects, as well as the introduction of new rights
5. In some cases, the need to name a DPO– Data Protection Officer.
The ultimate goal of this Regulation is the Protection of Citizens in the scope of the treatment of their Personal Data – a fundamental right- in a harmonized way, objective which was not achieved in the previous directive 95/46/CE, that on the last 20 years has had several adaptations by all Member States.
In this overall context, we propose, among others, the following services with the conformity of your company to the GDPR in sight:
- Initial training and awareness
- Analysis and Risks evaluation
- Implementation assistance
- DPO as a service