Is Your Organisation Fully Compliant?
As a Barrister and GDPR Consultant, I advise companies on how to ensure compliance with the General Data Protection Regulation.
If you collect client or customer personal data in the course of your business, you have to comply with GDPR. Any form of data collection, including data to upload to your database, collecting business cards, prospecting on social media and data sharing with third parties, must be compliant.
I work at senior board level advising corporates, SMEs and public authorities on their systems and the implementation of a robust GDPR policy.
- Personal Data Collection, including employee data (adequacy and relevance);
- Processing, recording and sharing of personal data (including SMR / Online Databases / Excel Spreadsheets and employee data);
- Privacy Policies;
- Policy scripting;
- Privacy by design;
- Third party use of personal data;
- Data transfers abroad;
- Subject access requests;
- Data retention and deletion;
- Data Security;
- Security of devices provided by the business;
- Data Breaches.
- Ensure awareness of GDPR from the boardroom down
- Where does the personal information you collect come from?
- What do you do with it?
- Who do you pass it on to? (Third Parties)
- What are the Individual’s rights?
- How secure is it?
- Are your third party suppliers GDPR compliant?
- Are your staff fully trained in GDPR?
- What is Consent?
- Do you have a compliant Privacy Notice?
- Are your IT systems secure and compliant?
- What are the consequences of a data breach?
- Do you need a Data Protection Officer?
- Are your international dealings compliant?