Four steps towards a solid privacy policy

  1. On-site interviews

    During one or more on-site interviews with key figures within your organisation, our compliance advisor will map out your organisation from the viewpoint of data protection and privacy. Using the insights gained from this study, the optimal course towards compliance will be plotted. During this phase, it will also be determined whether or not it's required or desirable for your organisation to employ a Data Protection Officer (DPO). If so, our compliance advisor will help you determine the scope of this position. Optionally, one of our Interim DPO’s may be employed to minimalise the workload of your employees.

  2. Inventarisation and formulating your privacy policy

    Our compliance advisor will assist you in making an inventory of your organisation's processes in which personal data plays a part. Based on the completed inventarisation, so-called “Privacy Impact Assessments” (PIAs) may be drafted. The inventarisation and assessments form the basis of your privacy policy and the measures that must be implemented in order to comply with the regulations. The privacy policy will be documented in an internal policy paper, describing the exact ways in which your organisation engages in data protection.

  3. Implementation of privacy policy measures

    Now that the privacy policy of your organisation has been documented and an inventory has been made of all privacy risks, implementation of the proposed measures can begin. You are free to manage the implementation of these measures yourself, but you also have the option of assistance from our multidisciplinary team of compliance advisors, lawyers and ICT professionals.

  4. Training and Awareness

    There are many facets to the proper protection of personal data, which makes it important to ensure that your employees are aware of the risks and measures that were taken to comply with the regulations. We can assist you in training and informing your employees, thus creating broad awareness of the projected privacy policy of your organasation.