GDPR & e-Privacy compliance
Who does the GDPR affect?
The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.
What are the penalties for non-compliance?
Organizations can be fined up to 4% of annual global turnover or €20 Million for breaching GDPR. This is the maximum fine that can be imposed for the most serious infringements, e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines, e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach, or not conducting an impact assessment. It is important to note that these rules apply to both controllers and processors, meaning 'clouds' will not be exempt from GDPR enforcement.
Our office can handle the compliance project of your company with the assistance of experienced business consultants and IT consultants. After the completion, we provide ongoing information and support at a legal, organizational and technical level.
Data Flow mapping
Policies and Procedures
After sales support
Inform and consent
What is GDPR?
After four years of preparation and debate the GDPR was approved by the EU Parliament on 14 April 2016.
Enforcement date: 25 May 2018 - at which time those organizations in non-compliance may face heavy fines.
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data privacy.