
GDPR Compliance

The Ultimate Guide to GDPR & Why It's Essential?
https://www.bizprospex.com/product/guide-gdpr/

papali1

Presentation Transcript


  1. The Ultimate Guide to GDPR & Why It's Essential?

  2. Table of Contents
     1. A brief overview - the GDPR
     2. Why is the GDPR essential?
     3. What falls under the purview of the GDPR?
     4. How is BizProspex GDPR compliant?
     5. How can you overcome the challenges posed by the GDPR framework?

  3. What is the General Data Protection Regulation (GDPR)? The GDPR (General Data Protection Regulation) is a sweeping data privacy law in the EU that affects any business that collects private data on EU citizens or uses data in its marketing campaigns. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. The GDPR also regulates the exportation of personal data outside the EU.

  4. Why is the GDPR essential? The intent behind the GDPR is to protect people against data breaches. Following the regulation has become mandatory, owing to growing public concern over data collection, storage and dissemination. A GDPR checklist ensures that data governance is a central focus for the organization. The GDPR represents one of the most comprehensive reforms to data regulation in recent times.

  5. Who and what falls under the purview of GDPR compliance? The GDPR defines three different roles related to personal data (data which is not available in the public domain):
     • Personal Data subject: Owner of personal data.
     • Personal Data controller: The individual or organization that determines what personal data to collect and how it will be used.
     • Personal Data processors: The individual or organization processing personal data for the controller.

  6. The GDPR applies to all organizations established in the EU and to organizations, whether or not established in the EU, that process the personal data of EU individuals in connection with either the offering of goods or services to data subjects in the EU or the monitoring of behavior that takes place within the EU. Personal data is any information relating to an identified or identifiable natural person, including names, email addresses and phone numbers, and which is not publicly available.
     The regulation covers the protection of the following data:
     • Personal data (which is not available in the public domain) that relates to an identified or identifiable 'individual', for example:
       • Name, address, and/or ID numbers
       • Web data such as location, IP address, cookie data, and RFID tags
     • Special Category Information, for example:
       • Health and genetic data
       • Political opinions
       • Biometric data
       • Racial or ethnic data
       • Sexual orientation

  7. Infographic with two panels. Figures shown on the slide: 65%, 88%, 2sec, 4.8k. Source: Persona
     How GDPR Compliance has impacted user experience
     • Of individuals in the UK feel safer sharing their data
     • Believe their experience with online firm is better
     • Say their email experience from brand is more relevant
     The Impact of Data Breaches
     • believe data privacy is the biggest issue faced by society
     • of global companies were attacked by spear phishing in 2019
     • the amount of time between each occurrence of identity theft
     • websites are victimized by form-jacking every month

  8. How Businesses have adapted to GDPR requirements? (Infographic. Figures shown on the slide: 27%, 32%, 78%, 40%. Source: Persona)
     • of companies spent over half a million dollars to become GDPR compliant
     • of US companies have conducted a GDPR gap assessments and updated their privacy notices
     • of US companies have a data protection officer
     • of organisations have seen positive returns on their privacy investments

  9. Examples of GDPR penalties
     • Google LLC was fined $56.6 million in 2019
     • British Airways was fined $26 million in 2018
     • CaixaBank was fined $7.2 million in 2021
     • H&M was fined $41 million in 2020
     Countries with the highest GDPR penalties
     • Spain has been penalized the most, with 304 fines totaling €33,036,110 so far
     • Luxembourg has paid the highest amount in fines at €746,206,000
     • The Czech Republic has had the lowest number of fines at 25 penalties
     Source: Persona

  10. GDPR Fines by sector (chart). Source: Persona

  11. How is BizProspex compliant with the GDPR? BizProspex, being the leading services provider in the business, understands the requirements and responsibilities of delivering lawful and accurate data. We stand out as global leaders when it comes to CRM cleaning, Data appending, Data mining, Tech install, Data Merging and Data Deduping for B2B clients. We aim at supplying our clients with public data scraping of the highest quality to boost your sales numbers. At BizProspex, we focus on becoming the partner your organization needs to survive, and in the long run, thrive. By understanding what your company's needs are, we're prepared to bring you solutions with legitimacy that truly make a difference. We are one of the Best GDPR Compliant Data Service Providers worldwide and we are known for our capabilities to make complex things easy for businesses and help them understand their key needs with utmost legitimacy.

  12. We take necessary steps (Data Protection Impact Assessment) to ensure that the GDPR requirements are seamlessly met (Article 35(7)):
     • By conducting an assessment of the data protection risks associated with any new project and initiating mitigation of risks.
     • By assessing and implementing GDPR compliance for existing or pre-dated data protection plans and projects.
     • By initiating and executing an immediate mitigation plan to address any gaps or risks posed in delivering our data services.
     • We make sure that we regularly review our information and privacy policies and measures and, where necessary, improve them.
     • We ensure that any data processor we use also implements appropriate technical and organizational measures.

  13. We ensure that we meet the requisite data processor obligations. We claim the highest standards of work ethics with utmost obedience to laws that we are subject to. All the pre-scraped public data that we collect and process is handled with the contractual consent of our customers under the purview of Article 7 of the GDPR. At BizProspex, our compliance and audit experts work tirelessly to make sure all the right compliance controls are in place when it comes to your data.
     Article 30(2): We, the processor and, where applicable, our representative maintain a record of all categories of processing activities carried out on behalf of a controller (our client).
     • We have all our data processing tasks and projects adequately labeled with our company's registered name and logo in accordance with the GDPR requirements.
     • Where possible, a general description of the technical and organizational security measures is provided in accordance with Article 32(1).

  14. How can you overcome the challenges posed by the GDPR framework? The following remedies are based on key GDPR requirements, as well as good governance, risk management and compliance practices:
     1. Know the data that is collected - Determine if your organization collects, stores and processes data from any individual or organization based in the EU or EEA, and so falls under the ambit of the GDPR.
     2. Assess the legal ramifications of the data in possession - Determine the legal purpose for processing processed data. Article 6 notes the following as legal reasons:
        • ensuring the necessary consents of the data controller and subjects are obtained via a legal contract.
        • fulfilling requirements specified in a legal contract.
        • complying with the data processor's legal mandates.
        • protecting vital interests of the data subject and data controllers.

  15. (continued)
     3. Protect the collected data - Ensure processed data is hidden from unauthorized observation and access.
     4. Careful transfer of data - Ensure processed data is securely moved from one processing device to another without any restriction or data loss.
     5. Enable a DPO - Employ a Data Protection Officer who is qualified and responsible for data protection and privacy activities, especially those applicable to GDPR.
     6. Report data breaches - Ensure a process exists to regularly review and test the processing mechanisms and data breaches are duly reported to the interested parties.
     7. Due encryption of data - Encrypt processed data locally, as opposed to using a remote encryption service, so access and encryption keys are protected and available to the data controller.
     8. Hold data compliance workshops - Provide awareness training for employees to explain the importance of GDPR and the company's commitment to compliance.

  16. Partner with us to benefit from the highest-quality, GDPR-compliant data services. Contact us to know more. https://www.BizProspex.com/ murtaza@bizprospex.com
