Daily support for compliance with the General Data Protection Regulation for a major Lyon-based company specializing in IT systems and software consulting.
This project involved the deployment of a GDPR compliance maturity audit, based on over 100 checkpoints.
- Conducting a maturity audit
- Identification of recommendations
- Association of risks
Following our recommendations, we took on the role of external Data Protection Officer in order to consolidate the maturity base (security, confidentiality, quality) and to maintain, on an ad hoc basis, the level of maturity achieved while integrating the business units into the processes.
Work carried out
Personal data mapping support
– Support for the register of processing activities
– Data flow repository
– Report on the review of internal/external contracts and policies (contracts, IT charter, policies, GDPR annex…)
Support for documenting personal information management rules, including data retention and deletion policies
– Support for the standardization of the procedure for responding to data subjects' rights requests
– Consent management documentation support, including consent management procedures (related to the purpose of processing) on the website
– PIA and Privacy by Design Process Improvement Report
– Documentation support (template) for the procedure for communicating with data subjects and supervisory authorities in case of an incident