Consultancy specialising in the General Data Protection Regulation (GDPR)

‘by Data is a Consultancy specialising in the General Data Protection Regulation (EU) 2016/679 (GDPR) to comply with legal and security requirements in the management and processing of personal data.
 
The General Data Protection Regulation (GDPR) applies to applies to the processing of personal data of data subjects who are in the Union by any business (Controller or Processor) not established in the European Union, where the processing activities are related to:
 
– Targeting European Union residents via website or direct marketing, offering goods or services.
– Having users, customers or clients in the European Union.
– Tracking individuals (or analyses and predicts personal preferences, behaviours and attitudes) in the European Union.

TERRITORIAL SCOPE

In Australia, since June 2018, the Office of the Australian Information Commissioner (OAIC) stablished through the ‘Privacy Business Resource 21’ the mandatory obligation for Australian businesses to apply the General Data Protection Regulation (EU) 2016/679 (GDPR) if they meet one of the following criteria:
 
– with an office within the European Union.
– offering goods or services to European Union citizens or residents.
– whose website targets European Union residents (Marketing).
– with users, customers or clients in the European Union citizens or European Union residents.
– tracking individuals (or analyses and predicts personal preferences, behaviours and attitudes) in the European Union.
 
In 2021, the United Arab Emirates (UAE) created the UAE Data Office and with the ‘Federal Decree-Law No. 45’ of 2021 regarding the Protection of Personal Data (‘the Law’) became effective on 2 January 2022, and is the UAE’s first federal-level data protection law, applying the General Data Protection Regulation (EU) 2016/679 (GDPR).

by Data Home Page

Services​

‘by Data’ offers an integral compliance with GDPR to cover all your personal data processing.
Creating and developing Technical and Organisational Measures, data protection policies and security procedures to make sure that your business compliance with the General Data Protection Regulation (EU)

GDPR Compliance Plan
 
Privacy Risk Analysis
 
Develop Records of Processing Activities
 
Develop Privacy Policy and Security Procedures:
For Clients and Customers (External Policy)
For Service Providers and Suppliers
For Employees & Sub-contractors (Internal Policy)
 
Develop of Informative Clauses and Consents in Forms and Contracts
 
 
Consulting, Maintenance and Audit
 
The GDPR requires a process of verification, evaluation and assessment of the status of the implementation of the standards, within a process of continuous improvement.

Grafico

RISK ANALYSIS

RECORDS OF PROCESSING ACTIVITIES

PRIVACY IMPACT ASSESMENT

Checklist

AUDITS

PRIVACY POLICY

SECURITY PROCEDURES

Officer

DATA PROTECTION OFFICER

EUROPEAN REPRESENTATIVE

CONSULTANT

Data Protection Officer (DPO)


The Data Protection Officer (DPO) must be designated by the Organisation and be communicated to the concerned Supervisory Authority in any case where:
 
– The data processing is carried out by a Public Authority or Body, except for courts acting in their judicial capacity; or
– The core activities of the business consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require Regular and Systematic monitoring of data subjects on a large scale; or
– The core activities of the business consist of processing on a large scale of Special Categories of data or data relating to Criminal Convictions and Offences referred.

European Representative

Businesses, that carry out regular and systematic processing of personal data, must designate a European Representative regarding their respective obligations under this regulation when:
 
Offering of goods or services (Direct Marketing), irrespective of whether a payment of the data subject is required, to European citizens or residents; or

Monitoring of their behaviour as far as their behaviour takes place within the European Union.