General Data Protection Regulation (GDPR) reshapes the way in which sectors manage data, as well as redefines the roles for key leaders in businesses, from Chief Information Officers to Chief Marketing Officers. Chief Information Officers must ensure that they have watertight consent management processes in place, whilst Chief Marketing Officers require effective data rights management systems to ensure they don’t lose their most valuable asset – data. The implementation of the General Data Protection Regulation (GDPR) requires a profound change in the legal, organizational or technical “Data Privacy” approach taken by economic players.

VAN LEEUWEN FORENSIC AUDITING can assist you in the following areas:

  • Mapping of personal data processing and related risk analysis (impact study, etc.)
  • Validation and support in the implementation of action plans for compliance with the GDPR;
  • Training of Data Protection Officer (DPO);
  • Support in the data use and development process;
  • Assistance in the deployment of a global multi-country compliance policy from our network of correspondents

FOCUS AREAS:

Rights of Data Subjects under the GDPR

The Data Controller (“DC”) is the person who, alone or jointly, determines the purpose and means of the processing of personal data; in other words, is the person who decides why other’s personal data is processed and how it would be processed. Art. 4 (7) GDPR determines the purpose and means of the processing of Personal Data (PD).

READ MORE

Who is the Data Controller (DC) and what are its responsibilities under the General Data Protection Regulation

The Data Controller (“DC”) is the person who, alone or jointly, determines the purpose and means of the processing of personal data; in other words, is the person who decides why other’s personal data is processed and how it would be processed. Art. 4 (7) GDPR determines the purpose and means of the processing of Personal Data (PD).

READ MORE

Who is the Data Processor (DP) and what are its responsibilities under the General Data Protection Regulation

The data processor (DP) is an entity that processes personal data for the account, on instruction and under the authority of the Data Controller (DC)-other than the employee of the DC. This enity can be a natural or legal person, public authority, agency or another body. Art. 4 (8) GDPR process Personal Data (PD) on behalf of the Data Controller (DC).

READ MORE

Principles for the Processing of Personal Data under the General Data Protection Regulation

The principles are set in article 5 of the General Data Protection Regulation (GDPR) and enshrined thorough all the Regulation, and they apply to every personal data processing activity. As the cornerstone of the Regulation, they should be kept in mind when interpreting the rights and duties established in the General Data Protection Regulation (GDPR).

READ MORE