Wizuda provides GDPR-compliant software that helps you make sure your business's email and data sharing in the EU is compliant. The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) came into effect on 25th May 2018. It is a regulation that aims to give EU citizens back control of, and transparency over, their personal data: how it is used, by whom and for what purpose. Businesses that do not comply are at risk of significant fines, reputational damage and the loss of customer trust. Under the accountability framework, businesses must be able to demonstrate that compliant processes are in place, and having the right technical solutions in place is a key part of that.
Since 2018, GDPR compliance has been crucial for any business that holds data online or offline in the EU. The consequences of improper data collection and storage can be detrimental for businesses. There are two tiers of fines imposed on companies that breach the GDPR, and these depend on your annual global turnover. The fine is a percentage of that turnover. The maximum fine is €20 million, which shows the dangers of not having GDPR compliance software in place.
GDPR compliance can be an everyday challenge for businesses that do not have the proper infrastructure or software in place to deal with data collection and storage. There are numerous aspects to manage, including knowing the legal basis on which you are processing the data and managing your compliance processes. Obtaining consent from customers (and employees), and exactly how you obtain it, is crucial at the beginning of the process. You must also ensure you have the tools to deliver on each of the rights, e.g. for "the right to be forgotten", you need to be able to erase a user's data within a relatively short time period if they request it. These are just some of the GDPR compliance challenges faced by companies operating in the digital landscape.
What personal data are we sending via email and over file transfer methods?
What is the sensitivity/risk category of that data?
Tip – Conduct an impact assessment if it is high risk.
Where are we sending this personal data to? Is it within the EU and, if not, are standard contract clauses etc. in place?
How are we sharing this personal data with them, and what security measures are in place, e.g. encryption, MFA, data minimisation, recipient verification etc.?
Who are we sending this personal data to?
Why are we sharing this personal data with them, and under which lawful basis?
Dublin
Arrow Building
Old Belgard Rd,
Dublin 24,
D24 ND70
Ireland