Within the framework of the GDPR, companies are confronted with stricter obligations to document their data protection compliance (guidelines). You must be able to document this compliance and provide evidence on request. No company will come to the topic of data protection!
We can support you in this process of introducing the GDPR.
EU – GDPR
General Data Protection Regulation
What is the EU General Data Protection Regulation and from when does it apply?
The Basic Data Protection Regulation of the European Union entered into force on 24 May 2016 and will in future regulate data protection uniformly throughout the EU. National regulations, such as the Austrian Data Protection Act 2000 (DSG 2000), now apply in addition if national interests are not covered by the EU GDPR. With its 99 articles, the regulation is very comprehensive and requires companies to make a number of changes to their own organizational, technical and legal measures. The sanctions for data protection violations have been increased by the regulation from up to € 300,000 up to € 20 million. Managing directors and executive directors stand opposite the society after §§ 43 GmbH, 93 AktG in the personal liability with their private fortune. The deadline for implementation is 25 May 2018; Within this period, the new requirements of every company in the EU have to be implemented.
Why does your company need support in the implementation?
Data protection law is being redrafted by the regulation. Many new duties have been added and the liability framework significantly tightened. The own, operational data protection officer (if there is one) is often overstrained in the number of necessary, legally very complicated implementation measures. In addition, the company is liable for its misconduct, as the employee can only be claimed under liability law in exceptional cases. We specifically support the preparation and implementation of the EU GDPR by monitoring and documenting the screening of existing processes in personal data processing. Liability will not be accepted.
How is the support process going?
First, we record the current data protection status in your company and compare it with the new requirements of the ordinance. You will then receive a list of measures to be implemented in the company, which will be coordinated with the responsible authorities. With our support, the measures are then gradually implemented and controlled within the company. Such a process takes a few weeks for small companies and several months for large corporations. The aim is to have all implementation measures completed by the date of application of the Regulation on 25 May 2018 in order to avoid impending fines for your company.
How can we support Data Privacy?
The implementation process must run inside the company. We support the responsible departments in the company with knowledge, documents and advice. The latter is reduced to consulting in IT processes (collection and processing of personal data); Legal advice in individual cases does not take place. However, we are aware of the legal requirements, which is why all information and documents provided by us were previously checked for legal compliance. For individual legal questions, we assist with the clarification of your own lawyers or mediate to specialized IT and data protection lawyers.
Which costs arise?
Of course, the costs involved depend on the size of the company and the extent of personal data processing. For a small / medium sized business with up to 30 employees and normal IT use (not an online business), 2 person days are often sufficient to assist in implementing the regulation.
After a thorough study of the EU GDPR with regard to legal texts, data protection law and implementation of the guidelines in practice, we can implement the requirements for the preparation, implementation and completion phase (including notifications to the authorities) in your company in a very practical and understandable way.