Consultancy specialising in the General Data Protection Regulation (GDPR)

‘by Data’ is a Consultancy specialising in the General Data Protection Regulation (GDPR) to comply with legal and security requirements in the management and processing of personal data.
 
In Australia, since June 2018, the Office of the Australian Information Commissioner (OAIC) stablished through the Privacy Business Resource 21 the mandatory obligation for Australian businesses to apply the General Data Protection Regulation (EU) 2016/679 (GDPR) if they meet one of the following criteria:
 
– an Australian business with an office within the European Union.
– an Australian business whose website targets European Union residents (Marketing).
– an Australian business with users, customers or clients in the European Union citizens or European Union residents.
– an Australian business that tracks individuals (or analyses and predicts personal preferences, behaviours and attitudes) in the European Union.

by Data Home Page

Services​

‘by Data’ offers an integral compliance with GDPR to cover all your personal data processing.
Creating and developing technical and organisational measures, data protection policies and security procedures to make sure that your business compliance with the General Data Protection Regulation (EU)

RGPD Compliance Plan
 
Privacy Risk Analysis
 
Develop Records of Processing Activities
 
Develop Privacy Policy and Security Procedures:
For Clients and Customers (External Policy)
For Service Providers and Suppliers
For Employees & Sub-contractors (Internal Policy)
 
Develop of Informative Clauses and Consents in Forms and Contracts
 
 
Consulting, Maintenance and Audit
 
The GDPR requires a process of verification, evaluation and assessment of the status of the implementation of the standards, within a process of continuous improvement.

Grafico

RISK ANALYSIS

RECORDS OF PROCESSING ACTIVITIES

PRIVACY IMPACT ASSESMENT

Checklist

AUDITS

PRIVACY POLICY

SECURITY PROCEDURES

Officer

DATA PROTECTION OFFICER

EUROPEAN REPRESENTATIVE

CONSULTANT

Data Protection Officer (DPO)


The Data Protection Officer (DPO) must be designated by the Organisation (Australian businesses who applies GDPR) and be communicated to the concerned Supervisory Authority in any case where:
 
– The data processing is carried out by a Public Authority or Body, except for courts acting in their judicial capacity; or
– The core activities of the Australian business consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require Regular and Systematic monitoring of data subjects on a large scale; or
– The core activities of the Australian business consist of processing on a large scale of Special Categories of data or data relating to Criminal Convictions and Offences referred.

European Representative

Australian businesses, that carry out regular and systematic processing of personal data, must designate a European Representative regarding their respective obligations under this regulation when:
 
Offering of goods or services (Direct Marketing), irrespective of whether a payment of the data subject is required, to European citizens or residents; or

Monitoring of their behaviour as far as their behaviour takes place within the European Union.