GDPR Services

The GDPR is a set of regulations that requires companies to protect the personal data of their customers, and provides customers with the right to access and control their own data. It is a powerful tool for giving customers control over their data and has had wide-reaching implications for businesses around the world.

Frequently Asked Questions

We have selected the most frequently asked questions to help with some of your queries.

Under the General Data Protection Regulation, which came into force on May 25, 2018, organisations must protect personal data and uphold the privacy rights of individuals on EU territory. The regulations include seven principles of data protection that must be implemented and eight rights of privacy that must be respected.

According to Article 83 of the GDPR, you can be fined up to 4% of your yearly revenue or up to €20 million for privacy data breaches.

GDPR applies to any organization that processes personal data of EU citizens. Data processing encompasses all the activities you can perform with it: collecting, storing, transmitting, analyzing, and so on. Personal data are any pieces of information that relate to a person, including name, email address, IP address, eye color, political affiliation, etc. Even if an organization is not connected to the EU itself, it must comply with the GDPR if it processes personal data of EU citizens, for example, through tracking on its website.

Organizations in violation of the GDPR may be subject to sanctions and fines imposed by the data protection authorities in each country. Penalties may not exceed €20 million or 4% of global revenue, whichever is higher. There are also sanctions available from data protection authorities, such as suspensions of data processing or damaging public reprimands.

To comply with the GDPR, organizations need to implement technical and operational safeguards to protect personal data. As a first step, the organization should conduct a GDPR assessment to determine which data it controls, where it is located, and how it is secured. Furthermore, it must comply with the GDPR’s privacy principles, such as obtaining consent and ensuring data portability. Other organisational measures may include appointing a Data Protection Officer and updating the privacy notice.

An organisation’s Data Protection Officer (DPO) is responsible for understanding the GDPR and ensuring compliance. For questions about data protection, the DPO is the point of contact for the authority. The DPO is responsible for monitoring compliance with the GDPR, keeping records of all data processing activities, providing advice and guidance on data protection issues, and training staff. The DPO also has to report any data breaches to the relevant authority.

Our Services

Regardless of location or current privacy maturity level, organizations that store or process the data of EU residents cannot afford to be complacent. FW-IT can assist you with all GDPR compliance steps.