General Data Protection Regulation took effect on 25 May 2018. By answering questions in our Questionnaire you can learn whether you are operating in compliance or perhaps you need improvements. If you have any doubts, we are pleased to help!
QUESTIONS:
- Are you aware of the GDPR impact on your company after it took effect in May 2018?
Yes No
- Do you recognize what personal data are, and which are recorded in your company?
Yes No
- Do you keep records of data processing activities such as purposes of processing, categories of data subjects, categories of personal data and categories of recipients?
Yes No
- Have you updated personal data documentation (consent, information to data subject, internal policy, agreements with processors)?
Yes No
- Are the decision makers in your company aware of the company´s obligations under the GDPR and the process of application of appropriate measures to be in compliance and be able to prove so?
Yes No
- Are your employees properly informed of their rights and duties that will apply to them after the GDPR comes into effect?
Yes No
- Do you provide suitable conditions for a Data Protection Officer´s activity within your company (in case you are obliged to appoint a DPO)?
Yes No
- Have you prepared a procedure plan for answering data subject requests?
Yes No
- Have you managed to prepare or update potential risks, data assets protection and safety documentation and are you able to evidence such documentation to the competent authorities?
Yes No
- Do you have a system to recognize and assess actual data processing breaches and do you also have policies on reporting such safety incidents in the correct manner?
Yes No
- Are you aware of the course of potential administrative inspections and possible consequences of the identified GDPR breaches for your company (including administrative fines)?
Yes No
If you have not answered „Yes“ to all the questions above, you might need assistance with your GDPR compliance.
For these purposes we offer legal services related to GDPR application within your company, mainly focusing on:
- gap analysis of the internal channels and towards other subjects;
- preparation of necessary documentation;
- instructing your employees of their rights and duties regarding GDPR;
- proposing other recommendations for appropriate GDPR implementation.