Information management

Does your company comply with the GDPR?

Privatum offers an answer to all your questions about privacy and data protection.

Rights of those involved

Do you inform your customers about the purpose of collecting personal data?

Do you have procedures for when customers request all their personal data?

If customers ask to delete all their personal data, can you guarantee that you can?

GDPR Principles

Are you sure that all personal data that you process has been obtained lawfully?

Do you only process the personal data that you need?

Are you sure that personal data is not stored longer than necessary?

Accountability

Have you appointed a DPO?

Do you perform data protection impact assessments?

Do you keep a record of the processing activities and do you update it?

Organizational measures

Are your employees aware of the GDPR?

Is privacy by default and design embedded in your company?

Is compliance regularly monitored?

Are privacy policies provided?

Technical measures

Are your IT architecture and applications safe?

Do you apply rules regarding password strength and renewal?

Do you use anonymous data for test environments?

Are personal data encrypted when they are sent over the internet?

Risk concerning third parties

Do you check whether all your suppliers are GDPR compliant?

Do you have agreements regarding data breaches with your suppliers?

Do you know which third-party tools you send personal data to?

Do you transfer personal data outside the EU?

DPO as a service

The GDPR introduces a new role: the Data Protection Officer (DPO). This role is mandatory when you regularly and systematically monitor data subjects or when you process sensitive personal data on a large scale. According to the GDPR, this role can be outsourced.

What are the benefits of an external DPO?

  • No conflicting priorities or interests
  • Cost saving
  • Efficient
  • Flexibility

GDPR compliance check

The GDPR requires your organization to prove:

  • how those involved can exercise their rights
  • that you fulfill your accountability
  • that you respect the principles of the GDPR
  • which organizational and technical measures you take to protect personal data
  • how to transfer the rights of the person concerned to other organizations, foreign branches and partners

To give you an idea of how you as an organization score on each domain, Privatum has developed a conformity check. This check results in a dashboard and a report with advice on improvements.

You can request a Privatum GDPR conformity check

  • as a one-off audit to have an idea of the extent to which your organization complies

This GDPR conformity check is included in our “DPO as a service” offer.

Privacy Audit

In a privacy audit we conduct a thorough investigation into how you have implemented GDPR compliance in your organization.

Here are some examples of studies that we perform:

  • We evaluate whether your processing register is complete, contains all required information and is up-to-date.
  • We check your data protection impact assessments
  • We discuss your privacy roadmap
  • We examine how those involved can exercise their rights
  • We check your organizational privacy procedures and investigate whether your employees know and follow these.
  • We study your privacy policy

The result is an extensive report with our findings from each study, recommendations for improvement, and a list of non-conforming topics ordered by priority.

Privacy consultancy

If you have already appointed a DPO you can still ask us

  • to perform a data protection impact assessment on a new project
  • to act as a sparring partner for your DPO to strengthen your privacy team
  • to share our best practices
  • to organize awareness sessions for management and / or your employees
  • to train your employees
  • to help you monitor privacy policies and procedures

User rights assessment

The rights of those involved are the most important elements of the GDPR. In a user rights assessment, we present ourselves as a data subject and test your employees and internal procedures by exercising the right:

  • to retrieve all personal data that is kept of a data subject
  • to delete and exclude all personal data from further processing
  • to revoke previous permissions
  • to resist profiling

The result is a report with our findings and a list of possible improvements.

ISO 27001 certification

ISO 27001 certification demonstrates that you meet the requirements regarding information security. In this way you guarantee the confidentiality, integrity and availability of business-critical information. This ISO standard ensures continuous improvement of your organization and offers certainty and trust for your clients.

ISO 27001 gives you a better picture of your information security, so that you can take the necessary steps. In addition, this standard is strongly recommended in the NIS legislation.

Why ISO 27001?

  • Reduce risks
  • Prevent incidents
  • Increase your reliability
  • Lift your organization to a higher level
  • Meet the requirements of (potential) customers
  • Comply with European laws and regulations
  • Constant improvement of your information security policy
  • Commercial signboard that opens doors

Why Privatum?

We are independent of every product and provider and we provide privacy as a service.
We start from your existing company roadmap when applying privacy by design and privacy by default.
We translate the GDPR from a legal requirement to a business opportunity because the improvement of business processes is in our DNA.
We follow a pragmatic and iterative approach to minimize the impact on daily operation and tackle the highest privacy risks first.
When applying privacy and data protection in your organization, legal advice alone is not sufficient. The least of your operational and technical staff must also change. Securing this change requires a long-term commitment from inspiring, pragmatic people who take responsibility and are experts in the field.

KMO Portefeuille

Are you a Flemish SME? Then you are eligible to receive financial support if Privatum supports you in improving your privacy and data protection policy.

Ambition as a Privacy Consultant, Project Manager, Business Analyst, Functional Analyst …

As an employee or freelance?