What companies must do to operate in line with the GDPR?

A number of actions and measures are needed to operate an organization (Data Controller or Data Processor) in line with the Regulation, which at a minimum should be implemented. These are:

Conduct Data Protection Impact Assessments (PIA)
Maintain appropriate data security
Institute safeguards for cross-border data transfers
Implement “Privacy by Default” and “Privacy by Design”
Take responsibility for the security of third-party (Data Processors)
Get appropriate consent for most personal data collection and provide notification of personal data processing activities
Get a parent’s consent to collect data for children under 16 years old
Appoint a Data Protection Officer (if you regularly process lots of data, or particularly sensitive data)
Notify data protection authorities of data breaches
Keep records of all processing of personal information
Consult with regulators before certain processing activities
Be able to demonstrate compliance on demand

I am interested in

Please type the letters in the picture (Case Sensitive)

To find out more about the processing of your Personal Information collected through the above form, please visit our Privacy Statement page.