Privacy


Companies and Privacy: between obligations and opportunities

The need for a European privacy regulation arises from the continuous evolution of the concepts of privacy and personal data protection, and therefore of the safeguards they require, driven mainly by the spread of technological progress. Adapting to the EU Regulation on the protection of personal data, the General Data Protection Regulation or "GDPR", involves various obligations that companies must comply with. However, privacy compliance also generates numerous advantages and opportunities, as it represents the added value that distinguishes the company in terms of seriousness, reliability and guarantee.

The benefits of GDPR compliance:

Starting a process of adaptation to the GDPR is not only mandatory, but also an opportunity for companies to improve their services and production processes. Through certain activities, a company can:

• encourage mitigation in risk management and business continuity for the company;

• update the policies for logical and physical access and improve the measures, skills and corporate culture with a view to the innovative principle of accountability introduced by the new EU Regulation;

• guarantee the corporate reputation, the so-called brand reputation;

• review the corporate IT network from a GDPR perspective to act on obsolete systems that slow down business operations and productivity;

• bring the company closer to the adoption of technological and IT process standards required by the most innovative and advanced suppliers and customers.

What's new at a glance

The GDPR introduces clearer rules on information and consent, defines the limits to the automated processing of personal data, lays the foundations for the exercise of new rights, such as the "right to data portability" and the "right to be forgotten", establishes strict criteria for the transfer of data to third countries and international organizations, and regulates cases of violation of personal data ("data breach").

The roles of the GDPR

• Data controller

• Data processor and sub-processor

• Data Protection Officer (DPO)

• Persons authorized to process data

The risks and penalties resulting from the violation of personal data

Failure to comply with the GDPR and national legislation on the protection of personal data can result in administrative and criminal penalties for the company:

• Administrative fines (up to 4% of the company's turnover)

• The limitation or prohibition by the Supervisory Authority of the processing of personal data, with the possibility of blocking the activities and, consequently, the company business

• Significant financial losses to the company

• Obligation of the data controller or data processor to compensate the data subject who suffers material and/or immaterial damage;

• Criminal liability for the unlawful processing of data, illegal communication and disclosure of personal data, fraudulent acquisition of personal data, false declarations to the Guarantor and interruption of the execution of tasks or the exercise of the powers of the Guarantor.

Questions about the organization of the company. Is my company in good standing? How do I scope the business activities?

1. Have I prepared the forms for collecting data by providing complete, intelligible, easily accessible information and using simple and clear language?

2. Have I organized my business to collect and process only the data that is necessary and useful for the company's business? What data can I request?

3. Has the data subject's consent been collected and traced? Are there conditions other than consent which legitimize the processing of personal data?

4. Have I appointed and adequately instructed my collaborators / employees and formalized the management of outsourcing relationships?

5. Have I organized the retention of documents in order to always have their availability and so that the data is accessible only by authorized personnel?

6. Have I carried out the data protection impact assessment (DPIA)?

7. Must or should a Data Protection Officer (DPO) be appointed?

8. Do I have to keep a record of processing activities?

9. Have company tools / procedures been prepared to notify the Guarantor of data breaches?

10. Do I have strict guarantees for the transfer of data outside the EU?