Implementation of GDPR in your company
The GDPR and supplementary national rules define the requirements for companies when processing personal data. We implement data protection projects for our clients through a mixture of personal support from us as your external data protection officer and standardised services. In this way, our customers benefit from an efficient, pragmatic and cost-saving implementation of the GDPR. We proceed in 4 steps.
Implementation of the GDPR should be a top priority for businesses, given the high level of fines imposed for non-compliance. Fines of over EUR 100 million have already been imposed on individual companies (including British Airways, Marriott Hotels).
We support your company in the efficient implementation of GDPR-compliant data protection management with our experienced team of lawyers, business economists and IT specialists.
Four steps to GDPR-compliant data protection management
The process for implementing a GDPR-compliant data protection management system can be roughly divided into the following steps:
1. Getting to know each other and analysing the data protection risks
Our advisor gets to know you and your company as part of his analysis of the data protection situation. He assesses the data protection risks and thus creates the common basis for the ongoing consultation.
2. Creation of an action plan and implementation of data protection management
The “As-is” analysis determines the need for action and is the basis for a joint action plan.
We take on the following tasks:
- Assessment of the risks in the current situation
- Development of implementation solutions
- Drawing up a proposal for prioritisation, processing sequence and timeline
- Advising on project management or taking over project management
- Monitoring of the implementation
- Provision of resources for operational implementation
- Technical Organisational Measures (TOMs),
- Record of processing activities (data controller and data processor),
- Privacy notice (website, for employees, other),
- Data protection impact assessment,
- Process for data breaches,
- Process for data subject rights,
- Management of consent,
- Management of the data processing agreements, audit of suppliers and assessment of the software used (vendor review) and
- Policies and guidelines
3. Re-audit GDPR
After the action plan has been worked through, data protection conformity is checked again and the new situation is documented.
4. Continuous data protection consulting and regular status evaluations
Compliance with data protection is an essential precondition for a good customer relationship. The legally compliant handling of personal data must therefore be experienced as a matter of course. To ensure that your data protection management is always up to date, we provide you with ongoing support:
- Information on current topics, as well as legally relevant changes in data protection
- Advice and regular status discussions with your data protection officer
- Updating the documents and processing directories of your data protection management system
- Review of order processing contracts
- Communication with supervisory authorities and data subjects
- Instructions, training and education
Data protection is what we do best. By delegating your data protection management to us, you save time and resources to focus on what you do best – developing and sustaining your business. Depending on your need for support, we offer 4 consulting packages for GDPR implementation in companies. Our offer combines the advantages of an external data protection officer with the advice of accredited data protection lawyers provided by the law firm Eggert & Partner Rechtsanwälte.
CAN YOU NAVIGATE DATA PROTECTION?
We make it our job to position your company securely and efficiently in the field of data protection. For the implementation of GDPR we offer you versatile service packages and competent and reliable support tailored to your needs.