GDPR ASSESSMENT
The GDPR applies to all businesses, organizations, professionals, and, more specifically, data controllers or managers that process personal data of European citizens, regardless of whether they are operating in the EU. No one excluded therefore!
GDPR is not a rigid regulation but is modulated to business characteristics. It is a scalable formula.
What type of personal data processing is involved?
The Regulations apply to the:
- fully or partially automated processing of personal data
- Non-automated processing contained in or intended to appear in an archive
HOW TO PROVE YOU ARE GDPR COMPLIANT?
Assessing one's compliance with the GDPR goes through the growth, construction and adequacy of all technical and organizational measures used by the data controller throughout the entire personal data processing process.
We start with the analysis and critical privacy issues of our own target industry. We proceed to the elaboration of a detailed and comprehensive data mapping architecture to get into the plots of our treatment, highlighting the grey areas.
After that, we produce a proper, full-bodied GDPR risk assessment framework, and if necessary, we properly structure and compile a GDPR-compliant treatment log and impact assessment.
ASSESSMENT SERVICES
- Data mapping
(art.4 Reg.EU 2016/679) - Record of processing
(art.30 Reg. EU 2016/679) - Risk Assessment
(art.32 Reg.EU 2016/679) - Impact Assessment
(art. 35 Reg.EU 2016/679) - GDPR compliance
(art.39 Reg.EU 2016/679) - Monitoring effectiveness/efficiency of training activities
(artt.24-29-39 Reg.EU 20167679) - Documentary Assessment
(artt. 24-32 Reg.EU 2016/679)
Other services