GDPR is about the law – not box ticking, and certainly not scaremongering – it’s simply designed to improve personal data handling. There are consequences if you don’t comply – but it recognises the need to weigh the costs of implementation and likelihood of risk as it relates to your business.
Because we know you, we can make that judgment affirmatively:
- GDPR is the biggest change to Data Protection Law for 20 years. It will impact most companies to some degree. However, an industry has developed offering compliance advice – and some of it is simply scaremongering – or tends toward a box ticking process which does not address the core legal essentials.
- In order to comply, GDPR demands a thorough legal assessment –but one which takes proper account of the costs of implementation and likelihood of risk to your business – not an abstract case study, so that things which are not necessary for your company are identified, and only those issues which the law requires and which commercially – in context of your specific business are needed.
What we’ll do:
It’s vital to properly gauge the extent to which GDPR actually affects your company – and from there, identify what steps you need to take commercially, operationally and at management level – but steeped heavily in legal analysis and scoping of your contractual relationships with:
- Customers
- Suppliers
- Service providers
We’ll identify your capacity as controller or processor and whether that role is shared with others
We’ll assess the lawfulness of your data processing and how to configure your compliance
We’ll make sure that legally and commercially you are not exposed and that you practice compliance in proper context
What information you need to give to data subjects, what rights do your customers have? Do you use automated processing or profiling?
How will you deal with personal data security breach?
What records do you keep?
Above all, what does GDPR really mean for you?
Search
Call Us
Enquiry
Menu
