Countdown to GDPR: are you ready?

The European Union General Data Protection Regulation (GDPR) significantly increases the responsibilities and obligations for businesses and organisations in how they collect, use and protect personal data. Failure to comply with legislation may result in maximum fines of 4% of global revenue or €20 million, whichever is greater.

What GDPR means for your business

Consent

Businesses must refresh all consents if they don’t meet GDPR requirements. Consent given must be specific, positive opt-in, freely given, granular and separate from terms & conditions.

Data Breach Notification

Data controllers must notify the supervisory authority of a data breach within 72 hours or, in cases of increased severity, without undue delay. Failure to notify can result in significant fines.

Data Protection Officer

Businesses must appoint a DPO if they are a public authority, carry out large-scale systematic monitoring of individual personal and sensitive data, or data related to criminal convictions and offences.

Rights of the Individual

GDPR confers new and greater rights to individuals, giving them greater control over the processing of their personal data. Their rights and information relating to the processing of their data must be mapped out clearly in the privacy notice.

Protection by design

Businesses and organisations will need to introduce technical and organisational measures to ensure that data privacy and protection is at the heart of all their future actions when processing personal data. 

Subject Access Request

Individuals can request access to all of the personal data that you hold on them along with confirmation on how their data is being processed. This must be provided within one month and free of charge.

Our Practical Approach to GDPR

Consultancy

Reaching compliance can take time, so it is key to have the best plan in place. Our consultation process takes you from initially understanding your current GDPR situation and supports you through to compliance. This creates clarity throughout the complete journey.

Training

We provide individual, group and public sector training. Our courses range from GDPR awareness to intensive training for Data Protection Officers. We offer specialist courses in GDPR Readiness, Data Audits, DPIAs and GDPR Privacy Notices. We also tailor training courses to meet your organisational needs.

Implementation

Our experience and expertise provide the complete, end-to-end, practical GDPR solution for all sectors, from assessing your GDPR Readiness to developing a GDPR Roadmap and successfully implementing the processes and procedures to achieve and maintain GDPR compliance.

GDPR Readiness Assessment

The first step to compliance is to determine the GDPR readiness of your business or organisation. This is carried out by arranging an onsite consultation with key members of your staff. Format Data then prepares a GDPR Readiness Audit Report with recommendations to reach compliance. We also offer training courses to teach you how to carry it out on your own.

Company Data Audit

GDPR places an obligation to conduct a Data Audit on data processing activities. We teach you how to conduct a Data Audit to identify areas of risk in your data processing activities and enable changes needed prior to GDPR coming into operation. Format Data also assists organisations to put in place new record keeping obligations under GDPR.

Data Protection Impact Assessment

Organisations and businesses are required to take a risk-based approach when they are processing personal data. Format Data teaches you how to conduct a Data Protection Impact Assessment which will enable you to identify and respond to risks, thus ensuring compliance with GDPR and reducing the risk of reputational damage.

Policies and Procedures

Organisations are required “to be responsible for and be able to demonstrate compliance”. A GDPR toolkit of documents, procedures and tools which are GDPR compliant is available to buy through Format’s website or free with some of our GDPR courses. We also offer a boutique service to create all of your policies and procedures.

Privacy by Design

Privacy by design includes product development, software development, IT Systems and services. Format Data assists businesses and organisations to incorporate personal data protection and privacy throughout the whole product, service or systems design process. In the process this can also improve the efficiency of systems within a business.

Data Breach Management

Format Data assists businesses in creating a system for detection, investigation, reporting and communication in relation to data breaches. You can also attend one of our training courses to learn the practical steps of putting a data breach management plan in place.