Informing individuals whose personal data is being processed and providing transparency about the processing activities undertaken are two of the cornerstones of the GDPR. When having mapped these processing activities, we can provide you with clear recommendations concerning:

  • whether (and how) you can continue to process personal data that has already been processed prior to May 25, 2018;
  • which information and transparency obligations you need to comply with;
    how to record consent and the acceptance of the terms of your (updated) privacy policy;
  • if you are engaged in profiling, adjusting and aligning your processes in accordance with the GDPR and best practices.

Process review and (re)design

It is clear that companies that are processing personal information as a key aspect of their business process (and, let’s be clear, who isn’t?), it is clear that the impact on the organization can be massive.

In this respect, we can help in reviewing your data processing activities in light of the GDPR’s requirements, in view of advising you on (minimal) process redesign and possibly implementing new processes in order to minimize such impact.

In each and every step of this process, we will attempt to have an as low as possible impact on your company, its functioning and its stakeholders.

Data protection officer

The GDPR requires certain organisations to appoint a Data Protection Officer or DPO in short.

Here, we will review together with you whether or nog you are required to appoint a DPO.

If so, we can assist in clearly defining the DPO’s role and responsibilities, bearing in mind the size, complexity and data processing activities taking place within your organisation. In case you are not required to appoint a DPO, we can review together with you how GDPR compliance management can be embedded in your organization.

Our solutions

Personal data flow documentation

Documenting processes and compliance efforts are key elements in the GDPR. Our online tools help you in providing the necessary process documentation in any required format, on the basis whereof we can make clear recommendations and assist in implementing them.

Compliance statement

For those clients where we have a full 360° perspective on their activities, we can even issue compliance statements if and when required.

Your data protection officer

Bearing in mind the fact that we are required to operate independently from our clients, we are the ideal party to function as your DPO. Especially now data protection authorities are becoming more and more active, we can – additionally – represent you in discussions and negotiations with these government organizations and, if and when required, before the courts.

Steven MotmansGDPR Processes