European Union Data Protection Rules. How to Avoid 20 Million Euro Penalty?
In May 2018, the European Union General Data Protection Regulation (GDPR) entered into force.
All companies that process personal data of EU citizens are required to comply with the document. Given that the new GDPR rules will be applied extraterritorially, compliance will be mandatory for companies that collect and process personal data of EU citizens (it does not matter whether a company is registered in the EU or not).
That is why before the GDPR become effective, all companies shall prepare necessary package of documents and implement it into their businesses.
The norms of the GDPR will concern those who somehow work with the EU countries. These are financial companies (banks, brokers, etc.), IT and media companies, pharmaceutical companies and medical facilities, transport companies, legal and all other companies that collect and process personal data of the EU citizens.
Cost of ignoring these requirements is pretty high – up to 20 million euro or 4% of annual turnover penalty.
Wiss Capital GmbH has the necessary experience and qualification in preparation of documents and implementation of GDPR procedures.
We will be glad to prepare all necessary GDPR documents for you including the following:
- Data protection policy;
- Training policy;
- Information security policy;
- Data protection impact assessment procedure;
- Retention of records procedure;
- Subject access request form and procedure;
- Privacy procedure;
- International data transfer procedure;
- Data portability procedure;
- Data protection officer (DPO) job description;
- Complaints procedure;
- Audit checklist for compliance;
- Privacy notice;
Also, we will be glad to implement these documents into your businesses.
The GDPR will become effective on 25 May 2018, and you do not have a lot of time to implement it. That is why we highly recommend you to hurry up and order all the necessary documents and procedures in order to avoid substantial penalties.