Processing of personal data
Under the GDPR, it is important that you are able to demonstrate that all your processing of personal data complies with the regulation. For example, you must be able to demonstrate that your processing operations comply with the following principles:
- transparency;
- legitimacy;
- purpose limitation; and
- correctness.
Is your organisation GDPR-proof?
Each organisation is responsible for complying with the requirements of the General Data Protection Regulation. The exact requirements that apply to your organisation will depend on the amount and the type of personal data that are processed. On the basis of the GDPR, an organisation is in any case obliged to take (at least) the following measures:
- maintaining processing registers;
- performing a Data Protection Impact Assessment (DPIA) for data processing with a high privacy risk;
- keeping records of all data leaks that have occurred;
- being able to demonstrate that a data subject has actually consented to the processing of certain personal data, to the extent that such consent is required; and
- being able to explain why and when it was decided to appoint a Data Protection Officer (DPO), when it is unclear whether an organisation is obliged to appoint a DPO.
Contact us
Is your organisation GDPR-proof? Legal Q helps you to comply with the requirements of the GDPR. For more information about these services or if you have any other questions about the GDPR, please feel free to contact us.