With the General Data Protection Regulation (GDPR) from the European Union, all countries are adapting their privacy laws to follow in its steps.
The GDPR foundations are built on compliance with the world-known 7 Essential Principles: 1. Lawfulness, fairness and transparency. 2. Purpose limitation. 3. Data minimisation. 4. Accuracy. 5. Storage limitation. 6. Integrity and confidentiality (security). 7. Accountability.
An accurate privacy and security compliance policy should adopt the following 4 Stages active plan:
As we are talking about a fundamental right, it's necessary to comply with the data privacy regulations.
But being Pro Active means that it is not enough to comply with the law: you must demonstrate that you are in fact compliant. Failing to be Pro Active will put a company in line for heavy fines.
Both Privacy By Design and Privacy By Default are mandatory for compliance with GDPR, US laws and the laws of other countries such as Uruguay, Brazil and Argentina.
First introduced in Canada, By Design means that data privacy must be protected from the creation of a service, app, website and more. By Default means that privacy options such as consent cannot be pre-checked as a YES. On the contrary, Privacy Protection must prevail.
A DPO may be a good option to work together with the company in order to be in compliance with the law and to avoid possible fines.
In some limited situations, designating a DPO is mandatory according to the law.
A PIA or a privacy audit is necessary to determine the security, technical and administrative risks that can impact Privacy rights.
Generally, a PIA must be executed before a service is put into operation. An audit must be implemented at least twice a year.
We have developed a Privacy Self Assessment Tool.
This tool allows you to go through a privacy audit that can give an overview of your company's situation regarding privacy compliance and the possibility of a data breach.
We bring Privacy Policies tailored to your needs.
We review and draft contracts that include privacy compliance terms.
We adapt your privacy situation to the Standard Contractual Clauses (SCC).
With the new Privacy Standards, it is necessary to keep records to demonstrate your proactive protection.
Two phrases best exemplify today's Data Privacy / Data Protection Standards: "To be Pro Active" and "To Keep Records" of everything, including the previous consent.
As DPOs, we work together with our clients so they can be in compliance with the GDPR and regional data protection laws.
Based on the 4 Stages Plan, we detect privacy vulnerabilities and risks by executing PIAs and audits based on the GDPR 7 Principles and the new data protection standards for each country, and we strengthen the company's privacy program so that it becomes a proactive asset.