Be GDPR Ready

Are you ready?

The European Union General Data Protection Regulation (GDPR) significantly increases the responsibilities and obligations for businesses and organisations in how they collect, use and protect personal data. Failure to comply with legislation may result in maximum fines of 4% of global revenue or €20 million, whichever is greater.

What the GDPR means for your business

icon-(1)_poster_

Consent

Businesses must refresh all consents if they don’t meet GDPR requirements. Consent given must be specific, positive opt-in, freely given, granular and separate from other matters.

    notification_poster_

    Data Breach Notification​

    Data controllers must notify the supervisory authority of a data breach with 72 hours or in cases of increased severity without undue delay. Failure to notify can result in significant. fines

    DPO_new

    Data Protection Officer​

    Businesses must appoint a DPO if they are a public authority, carry out large scale systematic monitoring of individual personal and sensitive data, or data related to criminal convictions and offences.

      iconfinder-512 (1)

      Rights of the Individual​

      New and greater rights to individuals exists under the GDPR, giving them greater control over the processing of their personal data Their rights must be mapped out clearly in the privacy notice.

        account_poster_

        Protection by design​

        Businesses need to introduce technical and organisational measures to ensure that data privacy and protection is at the heart of all their future actions when processing personal data. 

        tasks copy_poster_

        Subject Access Request​

        Individuals can request access to all of the personal data that you hold on them along with confirmation on how their data is being processed. This must be provided within one month and free of charge.

          Our Practical Approach to the GDPR

          consulting_poster_

          Consultancy

          Reaching compliance can take time so it is key to have the best plan in place. Our consultation process takes you from initially understanding your current GDPR situation and supports you through to compliance. This creates clarity throughout the complete journey

            training_poster_

            Training

            We provide individual, group and public sector training. Our courses range from GDPR awareness to intensive training for Data Protection Officers. We offer specialist courses in GDPR Readiness, Data Audits, DPIAs and GDPR Privacy Notices. We also tailor training courses to meet your organisational needs.

            speed_poster_

            Implementation

            Our experience and expertise provides the complete, end to end,  practical GDPR solution for all sectors from assessing your GDPR Readiness to developing a GDPR Roadmap, successfully implement the processes and procedures to achieve and maintain GDPR compliance.

              review_poster_

              GDPR Readiness Audit

              The first step to compliance is to determine the GDPR readiness of your business or organisation. This is carried out by arranging an onsite consultation with key members of your staff. Format Data then prepares a GDPR Readiness Audit Report with recommendations to reach compliance. We also offer training courses to teach you how to carry it out on your own

                check-list_poster_

                Data Audit

                GDPR places an obligation on to conduct a Data Audit on data processing activities. We teach you how to conduct a Data Audit to identify areas of risk in your data processing activities and enable changes needed prior to GDPR coming into operation. Format Data also assists organisations to put in place new record keeping obligations under GDPR.

                targeting_poster_

                Data Protection Impact Assessment

                Businesses are required to take a risk based approach when they are processing personal data. Format Data teaches you how to conduct a Data Protection Impact Assessment which will enable you to identify and respond to risks, thus ensuring compliance with GDPR and reduce the risk of reputational damage.

                  folder-management_poster_

                  Policies and Procedures

                  Organisations are required “to be responsible for and be able to demonstrate compliance”. A GDPR toolkit of documents, procedures and tools which are GDPR compliant is available to buy through Format’s website or free with some of our online GDPR courses. We also offer a boutique service to create all of your policies and procedures.

                    privacy_by_design

                    Privacy by Design

                    Privacy by design includes product development, software development, IT Systems and services. Format Data assists businesses and organisations to incorporate personal data protection and privacy throughout the whole product, service or systems design process. In the process this can also improve the efficiency of systems within a business.

                    Data_breach_management_new

                    Data Breach Management

                    Format: Data assists businesses in creating a system for detection, investigation, reporting and communication in relation to data breaches.. You can also attend one of our GDPR training courses to learn the practical steps of putting a data breach management plan in place.

                      The European Union General Data Protection Regulation (GDPR) significantly increases the responsibilities and obligations for businesses and organisations in how they collect, use and protect personal data. Failure to comply with legislation may result in maximum fines of 4% of global revenue or €20 million, whichever is greater.

                      What the GDPR means for your business

                      icon-(1)_poster_

                      Consent

                      Businesses must refresh all consents if they don’t meet GDPR requirements. Consent given must be specific, positive opt-in, freely given, granular and separate from other matters.

                        notification_poster_

                        Data Breach Notification​

                        Data controllers must notify the supervisory authority of a data breach with 72 hours or in cases of increased severity without undue delay. Failure to notify can result in significant. fines

                        DPO_new

                        Data Protection Officer​

                        Businesses must appoint a DPO if they are a public authority, carry out large scale systematic monitoring of individual personal and sensitive data, or data related to criminal convictions and offences.

                        iconfinder-512 (1)

                        Rights of the Individual​

                        New and greater rights to individuals exists under the GDPR, giving them greater control over the processing of their personal data Their rights must be mapped out clearly in the privacy notice.

                          account_poster_

                          Protection by design​

                          Businesses need to introduce technical and organisational measures to ensure that data privacy and protection is at the heart of all their future actions when processing personal data. 

                          tasks copy_poster_

                          Subject Access Request​

                          Individuals can request access to all of the personal data that you hold on them along with confirmation on how their data is being processed. This must be provided within one month and free of charge.

                          Our Practical Approach to the GDPR

                          consulting_poster_

                          Consultancy

                          Reaching compliance can take time so it is key to have the best plan in place. Our consultation process takes you from initially understanding your current GDPR situation and supports you through to compliance. This creates clarity throughout the complete journey

                            training_poster_

                            Training

                            We provide individual, group and public sector training. Our courses range from GDPR awareness to intensive training for Data Protection Officers. We offer specialist courses in GDPR Readiness, Data Audits, DPIAs and GDPR Privacy Notices. We also tailor training courses to meet your organisational needs.

                            speed_poster_

                            Implementation

                            Our experience and expertise provides the complete, end to end,  practical GDPR solution for all sectors from assessing your GDPR Readiness to developing a GDPR Roadmap, successfully implement the processes and procedures to achieve and maintain GDPR compliance.

                            review_poster_

                            GDPR Readiness Audit

                            The first step to compliance is to determine the GDPR readiness of your business or organisation. This is carried out by arranging an onsite consultation with key members of your staff. Format Data then prepares a GDPR Readiness Audit Report with recommendations to reach compliance. We also offer training courses to teach you how to carry it out on your own

                              check-list_poster_

                              Data Audit

                              GDPR places an obligation on to conduct a Data Audit on data processing activities. We teach you how to conduct a Data Audit to identify areas of risk in your data processing activities and enable changes needed prior to GDPR coming into operation. Format Data also assists organisations to put in place new record keeping obligations under GDPR.

                              targeting_poster_

                              Data Protection Impact Assessment

                              Businesses are required to take a risk based approach when they are processing personal data. Format Data teaches you how to conduct a Data Protection Impact Assessment which will enable you to identify and respond to risks, thus ensuring compliance with GDPR and reduce the risk of reputational damage.

                              folder-management_poster_

                              Policies and Procedures

                              Organisations are required “to be responsible for and be able to demonstrate compliance”. A GDPR toolkit of documents, procedures and tools which are GDPR compliant is available to buy through Format’s website or free with some of our online GDPR courses. We also offer a boutique service to create all of your policies and procedures.

                                privacy_by_design

                                Privacy by Design

                                Privacy by design includes product development, software development, IT Systems and services. Format Data assists businesses and organisations to incorporate personal data protection and privacy throughout the whole product, service or systems design process. In the process this can also improve the efficiency of systems within a business.

                                  Data_breach_management_new

                                  Data Breach Management

                                  Format: Data assists businesses in creating a system for detection, investigation, reporting and communication in relation to data breaches.. You can also attend one of our GDPR training courses to learn the practical steps of putting a data breach management plan in place.