DPO as a service

The GDPR introduces a new role: the Data Protection Officer. This role is mandatory when you regularly and systematically monitor data subjects or process sensitive personal data on a large scale. The GDPR makes it possible to outsource this role.
What are the advantages of an external DPO?
  • A DPO needs to be independent within the organization
  • A DPO must stay up to date on the latest law changes or recommendations by the privacy authorities. Your company doesn’t have to pay for expensive courses and self study
  • Privatum has a toolset and uses a framework that gives you a head start
  • Our expert knowledge and experience enables faster and easier implementation of required action in a pragmatic “highest risk first” approach
  • Our DPO’s can make use of their experience and best practices from other companies to your benefit, without of course violating non-disclosure agreements and exposing internal business logic.
  • By requesting our services when needed, you only pay per use
  • Internal DPO’s benefit from dismissal protection, however any contract with an external DPO is terminable.

GDPR  compliancy  check

The GDPR requires your organisation to demonstrate
  • how data subjects can execute their rights

  • your accountability

  • you respect the main principles of the GDPR

  • which organisational and technical measures you take to protect personal data

  • how you tackle transfer rights to other companies, foreign subsidiaries and partners

To give you, as an organisation, an idea on how you are scoring on each domain, Privatum created a compliancy check that results in a dashboard and a report on advised improvements.
You can request a Privatum GDPR compliancy check
  • as a one time audit to have an idea how compliant your organisation is

  • as a recurring monitor mechanism to check the progress on your GDPR compliancy level

This GDPR compliancy check is included in our “DPO as a service” offering.
Data subject rights
GDPR Principles
Organisational measures
Technical measures
Third party risks

Privacy audit

In a privacy audit we take a deep dive and investigate how you implemented compliancy of the GDPR in your organisation.
Here are a few examples of the checks we will do:
  • Evaluate if your record of personal data processes is complete with all required information and up-to-date
  • Check your privacy impact assessments

  • Discuss your privacy roadmap

  • Check how users can execute their rights

  • Check your organisational privacy procedures and investigate if your employees know and follow them

  • Go through your user privacy policy

The result of this audit is an extensive report with our findings on each check, recommendations to improve, and a list of non-compliant topics ranked by priority.

Privacy consultancy

If you already appointed a DPO, you can still ask for our help
  • to perform a data protection impact assessment on a new project

  • to be a sparring partner for your DPO

  • to strenghten your privacy team

  • to share our best practices

  • to organise awareness sessions for management and/or employees

  • to train your employees

  • to help you monitor privacy policies and procedures

User rights assessment

Customer Focus
The rights of the data subjects are the most important elements of the GDPR. In a user rights assessment we act as a data subject and test your employees and internal procedures when executing the right to:
  • request all the personal data you keep of a data subject

  • erase all the personal data you have and exclude from further processing

  • withdraw given consents

  • object against profiling

The outcome will be a report on our findings and a list of possible improvements.