GDPR Checklist
General data protection regulation
Last updated
On May 25, 2018, a new law went into effect for all countries in the EU: the General Data Protection Regulation (GDPR). The GDPR replaces the previous law, the Personal Data Protection Act. The new law includes more obligations for companies and organizations that process personal data. To stay well informed on this topic, we recommend the following:
Study the information about the new legislation on the Personal Data Authority site.
Read the GDPR legislation.
Follow the checkpoints on the GDPR Checklist.
Make sure your websites can only be visited via HTTPS. Also, for practical and search engine reasons, we strongly recommend that you provide your website with full SSL.
As a company, it is important to show which data you process and what for. You can do this by having a Privacy page on your website.
It is important that you also use an SSL connection for your e-mail. If you don't have this, your network is completely readable by someone else. So make sure your emails are only sent and retrieved securely.
Provide a signed "processor agreement" and other data processors applicable.
An optimally secure website is important, especially for items that contain personal data.
Consider the following:
Fines for violations of the law
The rights of involved parties
Maintaining a processing activity register
The possibility that clients may need to conduct a Data Protection Impact Assessment
Privacy by Design & Privacy by Default
Assigning a Data Protection Officer