As of May 25th, 2018, every organization that collects and/or processes personal data of individuals in the European Union has to comply with the EU General Data Protection Regulation (GDPR).
Glownexus, together with partner organizations, provides several GDPR compliance services to help organisations become and remain compliant with GDPR.
Examples of these services are:
Online GDPR Risk Scan
A questionnaire-based approach which gives your organisation an overview of its GDPR compliance risks. Responses are analysed by our compliance experts. Conclusions will be presented to the management team in a video conference.
GDPR Administration Package
The GDPR demands that organizations are transparent, to authorities and subjects, about what kind of personal data is collected and processed as well as for what purposes.
It also requests organizations to implement adequate measures to protect the rights of the data subjects.
This package covers all mandatory aspects of GDPR-related administration, providing transparency to authorities and data subjects, as required by law.
This package includes the following documents, tailored to your organisation:
- Privacy Statement for your website
- Data Processing Agreement
- Internal Personal data policy
- Roles description
- Information registry
- Data retention policies
- Data breach procedure
- Incident registry
- Procedures for exercising data subjects’ rights
GDPR Security Package
The GDPR requires that organizations regularly monitor the effects of GDPR-related measures, and make changes where necessary. In other words, implement an Information Security Management System (ISMS).
The Security package includes:
- A security risk analysis to identify the most important security risks and a summary of recommended measures that can be used to mitigate those risks
- Access management policies and procedures
- A Security Policy including practical guidelines for employees
- Procedures to ensure and monitor the GDPR compliance of data processors, i.e. (cloud) service providers
- Procedures for (ICT) change management
- Reporting templates and procedures to fulfill the GDPR accountability requirements