Prepare your start-up for the GDPR
Step-by-step with WeControl
Step 1: What is your data protection objective?
Data protection is risk management for personal data.

What will you do if someone asks for copies of their personal data?
What will you do if your data is hacked?
What will you do when you hire a new employee?
What will you do if you lose a device containing access to personal data?
Step 2: Appoint a data protection owner
You may be start-ups, but people
still need to own tasks.
Step 3: Create:

Privacy Policy
Cookie Notice
Step 4: Maintain records of processing activities (ROPA)
Maintaining ROPA is mandatory and
it is the key to unlock the GDPR in
your start-up.

NOTE: any interaction between your start-up and a 3rd party must have a GDPR compliant contract!
Step 5: Check your third-party vendors are compliant
Make sure that all your Processors and
are GDPR compliant.
Step 6: Dealing with personal data incidents
A data incident is any event that compromises personal data: loss,
sent to the wrong person, denial of service, accidental deletion, etc.

If you don't deal with this, the consequences can be very serious!
Step 7: Respect individuals’ GDPR rights
You must have a mechanism to capture and process individuals’ rights requests

You have 30 days to respond to a SAR

The individual has the right to access, get copies of, delete and modify his / her personal data and to object to certain types of processing
Step 8: Training and physical security
You must train your employees
about data protection.
Step 9: Sales and Marketing
You must ask for and record
consent before you send
marketing material

Always have an opt-out button

You must be very transparent about your marketing
Step 10: Human Resources (HR)
Add a data protection
section to your
employment rules
Give access only to those
who need it
Thank you!
Wecontrol.io
hello@wecontrol.io
Tallinn, Estonia
