Already part of Dutch and European law for decades, it only drew attention of the majority of companies since 2016, first particularly because of the extensive fines involved. I tend to think now also because of a sense of urgency for protection of data privacy due to the ongoing digitalization of our lives and businesses.
Already involved in privacy legislation during my work at telecom companies, the last few years I assist and guide several companies to being compliant with the General Data Protection Regulation, in force since May 25, 2018. Not only big companies need to be compliant, also smal(ler) companies which process data.
On your road trip to being GDPR-compliant I can advise and guide you further as follows:
Starting with a compliancy check, I will advise on:
- What Personal Identifiable Information (PII) does your company process?
- And where within your organization is that PII processed and stored?
- How to deal with marketingrelated activities and PII?
- Where do you need to assess Data Protection Assessment (risk analyses)
- What procedures do you need internally (for instance regarding Data breaches)
- Do you need forms you could provide in case a person makes use of one of its rights under GDPR (such as the right to erase, right for information)