The new, updated and in-line with the digital age rules for the protection of personal data have been set under EU Regulation 2016/679 (Known as General Data Protection Regulation/GDPR). With the May 25, 2018 deadline for full compliance fast approaching and from the moment that any legal entity stores and processes the personal data of EU citizens, whether it’s clients, third parties or employees, regardless of whether the actual processing takes place in the Union or not, it needs to comply with the new GDPR regime. To do that, the following steps will be performed:
Step 1 – Determine the extent of work and the level of compliance of the company. For this reason, a set of questions will be sent (titled as ‘GDPR Questionnaire’). Please answer those questions and return those answers to us for consideration. We will then provide you with a fee for the next steps, requesting relevant documentation and further information (if required).
Step 2 – Legal review, assessment and implementation of the necessary changes on the company’s communication with clients material, policies, employees’ contracts, agreements with partners, personnel staff-books and corporate rules in terms of privacy, against the requirements posed by the new GDPR rules. In case of absence of any the above documents, they will be drafted by us. Information about basic principles of GDPR to key people may also be provided.
Step 3 – Review and implement the necessary changes to the e-shop’s website or any other system that personal data are stored.
Step 4 – Provision of legal opinion on the extent of the overall compliance.
Step 5 – Continuous legal support – Appointment of a Data Protection Officer (DPO) – after 25.05.2018. The need for appointing a DPO will be determined and provided within the legal opinion under Step 4.
Kindly note that failure to comply with the GDPR, may lead to significant fines. Fines of up to 4% of annual global revenue or 20 million euros, whichever is higher, for non-compliance, are extremely high and can easily put any company out of business.
Ioannis Sarakinos, Mr.