As most people are aware of, the EU’s General Data Protection Regulation (GDPR) is a regulation on data protection and privacy for all individuals within the EU/ EEA. It also addresses the export of personal data outside of this area, regardless of processor and controllers’ location. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment. In addition, the GDPR has the potential to set a new gold standard for data protection globally – considerably improving protections for consumers in the EU and internationally. With the GDPR comes not only challenges but also opportunities. Working towards ongoing GDPR-compliancy can for example help enable your company to manage the data needed more efficiently as well as it helps install trust with other key stakeholders and end users. Contact us at Twire should you want to know more about GDPR and how it affects your business. We can help your business with Audit, Compliance, and DPO-outsourcing.
Audit → Compliance → DPO outsourcing
In addition, Twire can also provide your organisation with ad-hoc documentation and templates for meeting GDPR legal requirements and accountability, e.g. for contracts, risk assessments, and various policy documents.
See below 3 steps for compliancy in detail & request a quote
Why trust us?
We are certified and have experience in working with e.g. EU personal data protection and privacy.
If you serve individuals in the EU/ EEA as your clients (e.g. allow them to purchase goods or sign of for a service), then you need to comply with GDPR, or you may potentially face harsh consequences, e.g. high fines, civil law suits, freezing of your EU-facing business by the authorities, credibility crisis. This applies even if you are operating outside of the EU.
Is my business compliant?
Becoming GDPR compliant isn’t only a once off practice, nor is it about upgrading your software to the latest version or installing a plugin. GDPR isn’t prescriptive in terms of means of personal data protection, quite the opposite actually. It relies on practical knowledge of the GDPR and your knowledge of your own business, and ongoing accountability, for optimal compliance solutions.
We conduct a series of written surveys, meetings, phone calls, visit your office if possible, review your IT systems and physical security, gather existing documentation, in order to learn all about your data processing activities, such as:
– what is your organisational structure;
– what are the specifics of your data processing;
– to what countries personal data is transferred; and
– what kind of personal data protection solutions exist so far.
After gathering enough information we analyse it in the context of the GDPR regulation requirements and potentially other specific legislation.
As a result you get a report with:
– a list of potential infringements and associated risks; and
– recommended corrective actions and data protection measures.
Training sessions for your team or organisation.
Before we start implementing post-audit recommendations, we need to raise awareness, in various ways, of new rules and regulations and discuss various scenarios of reaching compliance.
Workshops may be conducted separately in each location and/or in each department.
End goal for each workshop is to agree on optimal solutions for your business.
Compliance solutions implementation – time frame depends on your organisation, its scope and team’s availability.
Together we implement solutions, so you can meet your legal obligations for:
– data processing throughout the whole data lifecycle;
– respecting the rights of data subjects;
We also implement various data protection measures, such as:
– required best practices;
-personal data security measures;
-periodic checks; and
– efficient procedures in case of a security incident or a breach.
Last but not least, we document your accountability for personal data protection.
– answer any questions, guide and train your team,
– coordinate personal data protection efforts,
– monitor and evaluate personal data protection solutions,
– respond to any breaches or incidents,
– serve as a point of contact to all data subjects and the Data Protection Authority.