(GENERAL DATA PROTECTION REGULATION)
General Data Protection Regulation (GDPR) will come into effect on
25 May 2018, following four-and-a-half years in the making.
It’s time to prepare – and you’ve come to the right place with Xynics.
A core principle of GDPR is to ensure that organisations have a legitimate, lawful reason for processing the data, and that doing so respects the individual’s rights.
In the last decade there has been an explosion in the way that organisations collect and use data. Almost everything an individual does now is tracked and logged in data, and much of it is directly attributable to that individual.
For businesses that are already in compliance with the Data Protection Act 1998 (DPA) and the Privacy and Electronic Communications Regulations 2003, there is very little change at all. Most will only need to update the way data is collected including documentation, policies and procedures.
The Information Commissioner’s Office has indicated that if you are currently subject to the DPA, it is likely that you will also be subject to the GDPR.
We take the GDPR worry out of your hands so you can still get the full benefit from your data, while reducing the risks.
We’ll advise you on how GDPR may apply within your business.
We’ll undertake a discovery process to ascertain what data your business holds and how it is used.
We’ll help you to document your business data flows and procedures.
We’ll guide you on implementing new GDPR-compliant procedures and data activities.
We’ll help you to draft privacy statements and consent mechanisms.
Under GDPR, the penalties for non-compliance are potentially high, up to €20 million or 4% of annual global turnover. We’ll help you minimise the risk to your business and keep you compliant.