(GENERAL DATA PROTECTION REGULATION)
General Data Protection Regulation (GDPR) came into effect on
25 May 2018, following four-and-a-half years in the making.
It bought with it ongoing responsibilities for compliance and regular review and audits. If your looking for advice & guidance, or need to start the process from the beginning, you’ve come to the right place with Xynics.
A core principle of GDPR is to ensure that organisations have a legitimate, lawful reason for processing the data, and that doing so respects the individual’s rights.
In the last decade there has been an explosion in the way that organisations collect and use data. Almost everything an individual does now is tracked and logged in data, and much of it is directly attributable to that individual.
For businesses that were already in compliant with the Data Protection Act 1998 (DPA) and the Privacy and Electronic Communications Regulations 2003, there was very little change at all. Most only needed to update the way data is collected including documentation, policies and procedures.
The Information Commissioner’s Office indicated that if you were subject to the DPA, it is likely that you will also be subject to the GDPR.
We take the GDPR worry out of your hands so you can still get the full benefit from your data, while reducing the risks.
We'll advise you on how GDPR may apply within your business.
We'll undertake a discovery process to ascertain what data your business holds and how it is used.
We'll help you to document your business data flows and procedures.
We'll guide you on implementing new GDPR-compliant procedures and data activities.
We'll help you to draft privacy statements and consent mechanisms.
Under GDPR, the penalties for non-compliance are potentially high, up to â‚€20 million or 4% of annual global turnover. We'll help you minimise the risk to your business and keep you compliant.