At Willans Data Protection Services and our affiliate, UK law firm Willans LLP, we can help you in many ways. Our GDPR and data protection experts can support you with advisory services to include:
GDPR audits and assessments
designing compliance programmes and privacy governance frameworks
bespoke solutions for your organisation such as staff training.
We can provide you with a full solution or help you with certain aspects, no matter where your organisation is on its GDPR journey.
The General Data Protection Regulation (GDPR) is the European Union’s new data protection regime which came into effect in May 2018.
It has wide territorial scope – it applies not only to organisations with a physical presence in EU member states, but also to entities located anywhere in the world, if they are processing personal information about, or monitoring the behaviour of, EU citizens to whom they are offering goods or services.
GDPR also introduces vastly increased fines. The maximum fine for a serious infringement is 4% of annual worldwide turnover, or €20 million, whichever is the greater. Therefore even a smaller organisation could potentially face an administrative fine of up to €20m.
The first step in any GDPR compliance programme is to understand what data you are processing and where, and how that data flows around your organisation. This also helps in the preparation of Article 30 records, legally required records of your data processing activities. Our affiliate Willans LLP (a UK law firm), can assist with these steps.
If you are processing data about data subjects in the EU but are not yourself established in the EU, you may be required to formally nominate a representative within the EU for data protection purposes, under Article 27 of GDPR. We can act as your data protection representative. Find out what this involves and whether you might need to appoint an Article 27 Representative.
If your organisation is located outside the UK but offers goods or services to individuals in the UK, or monitors their behaviour, and you are processing their personal data for those purposes, then the chances are that on Brexit the UK’s Applied GDPR regime will apply to you. Find out what this involves and whether you might need to appoint a UK Representative.
Some organisations will need to nominate a Data Protection Officer who is responsible for overseeing and implementing its data protection strategy and implementation in accordance with GDPR requirements. We can act as your Data Protection Officer. Find out what this involves and whether you might need to appoint one.
We offer GDPR training for organisations at all levels. Our courses are designed to educate and inform staff on GDPR legislation and rules and provide practical examples of how to stay compliant.