Adaptación RGPD

By hiring our data protection services, you will be able to come into effect with national, European and International privacy regulations in a short period.

The main reason for the Data Protection regulations is, year by year, to implement a culture of privacy so that both users and organizations value the fundamental right to privacy. The process has changed from one more bureaucratic approach to a manner of guaranteeing the rights and freedoms of citizens.

One of the principles of European regulation is the principle of Proactive Responsibility.

In Auratech, with our Data Protection services, we create annual protocols to carry out the necessary monitoring and to meet that proactivity. We create them to ensure correct monitoring of the implementation. These milestones have been configured according to the characteristics of each client. We like to emphasize that, in the initial phase, after the diagnosis, we create a protocol with guidelines and phases adapted to each client. We do not use the same outline for all clients. Some situations will require a big effort in some parts of the project, and there are situations that will require less effort. The technique of “coffee for all” is common, creating an outline that is used for everyone, without differentiating Freelance without employees, from a multinational.

We have an excellent knowledge of technology, which allows us to communicate directly with the technical specialists at the time of proposing and designing the optimal solutions.

We analyze the personal data processing from all points of view and concerning all affected groups: employees, suppliers, contributors, clients, users…

The way of implementation adaptation of each company goes through different solutions:

  • Legal: Redaction and revision of contracts, creation of legal texts for employees and providers, creation of protocols, clauses, and Codes of Conduct.
  • Technical: Analysis of implemented security measures, redaction of new security measures and correction of any anomaly, business continuity plan, management of security breaches, and media inventory.
  • Negotiation and processing of requirements: Response and processing of the requirements received, in the appropriate way in each case. We also meet with your clients to represent them in any process involving data flow between different regulations.
  • We propose solutions and corrective measures adapted to each specific case.

Phases of the adaptation process:

With the arrival of the European Data Protection legislation, we must be conscious of the importance of the accountability principle, which the European Data Protection Regulation establishes.

The phases of action have been designed to follow a complete “road map” to ensure legality and security.

Our different phases of adaptation establish some guidelines to face the obligations of the GDPR, specifying which processes and documents need to be created and implemented. Technical and organizational measures are a delicate phase, but our AENOR-certified lawyers use international standards and processes to guarantee results and to shield procedures to minimize the risks in case of any security violation.

Our services consist in some of the following phases of Data Protection consulting:

  1. Analysis of the company’s needs through initial diagnosis.
  2. Preparation of data collection for the subsequent creation of the necessary documentation.
  3. Registration of the Data Protection Delegate before the Spanish Data Protection Agency (if necessary after the necessity report).
  4. Drafting of all legal texts required to comply with e-commerce and privacy regulations.
  5. Presentation of all documentation and implementation of all texts within the company.
  6. Sending of confidentiality and data processor contracts to each company that may have access to our client’s data.
  7. We communicate directly with the persons or companies that manage the site so that they correct the anomalies detected.
  8. Sending the code of ethics and conduct to employees according to their position (teleworking, extraction of documentation, use of company resources, etc.).
  9. Control of all video surveillance systems to ensure that they are in accordance with the published regulations and instructions.
  10. Control of the correct implementation of security measures for the protection of company assets.
  11. Recording of all the work done in order to demonstrate the effort made to comply with the regulations.
  12.  

    Translated with www.DeepL.com/Translator (free version)

These phases often depend on the size of the company, the sector and the needs detected.

Our lawyers will carry out these phases without affecting our clients’ day-to-day operations.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.