The GDPR, which applies directly in all Member States, is intended to be “universally” applicable (i.e. it also applies outside the borders of the EU (!)); it is designed to strengthen the digital European economy and make cloud services from “anywhere” competitive. This will be achieved through a number of new obligations on businesses. It will be necessary to maintain records of processing activities (“processing registers”), conduct data protection impact assessments, provide comprehensive information to data subjects before commencing data processing, and appoint data protection officers. The principles of “data protection by design” and “data protection by default” mean that it will be mandatory to take data protection considerations into account when designing new products.
We ensure that your business is fully compliant with the new requirements. As well as running training sessions for your staff, training data protection officers and creating processing registers, we can assist with every aspect of compliance with data protection law and ensure that your procedures meet the standards laid down in the General Data Protection Regulation.