The General Data Protection Regulation (GDPR) is the European regulation governing the processing of personal data. The protection of personal data encompasses the systems, policies and procedures used by companies to ensure the security of the data they process and to protect the privacy of the data subjects.
Any organisation (public or private, commercial or associative), regardless of its size, country of operation and activity, that processes personal data as long as it is established within the European Union or its activity targets European residents directly.
Because it is not an option ! One of the consequences of a company’s failure to comply is a financial penalty of up to 4% of the global annual turnover or a fine of 20 million euros ; not to mention the collateral damages such as deterioration of the brand’s image, loss of turnover in particular.
Adopted by the European Parliament on April 14, 2016, its provisions have been directly applicable since May 25, 2018. You should be in compliance with the GDPR since May 25, 2018 BUT it is never too late to do well!
LegalUP Consulting has developed an online audit tool covering all the processing performed by you and your ecosystem, which should help to identify the steps to be taken in order to comply.
Our online compliance audit :
The GDPR Compliance Tool is an online audit that allows you to accurately assess your organisation’s compliance with the GDPR. From the beginning of the audit, we will provide you with an attestation bearing witness of the compliance procedures undertaken by you with the firm. Your answers will also allow your online lawyers to send you a consultation with recommendations on the remaining steps, if any, to be implemented by your organisation to fully comply with the GDPR.
The questionnaire is extremely thorough and reviews all the personal data processing performed by you and your contractors. It encompasses all the questions that your organisation must ask itself, starting with a cartography of the processed data, the legal bases chosen, the review of the unavoidable principles governing the processing, the processes to be established, the documentation to keep up to date, the respect of the principles of “Accountability”, security measures for information systems, the supervision of data transfers (especially outside the EU) etc.
Your answers to the GDPR Compliance Tool questionnaire are covered by professional secrecy and confidentiality of exchanges under the conditions defined by the National Regulations of the Lawyer’s Profession and the Rules of Procedure of the Paris Bar.
Your compliance with the GDPR using the GDPR Compliance Tool is done in three stages:
Access to the GDPR Compliance Tool
First, you will need to download, sign and return by email the signed engagement letter, then proceed to the payment.
You will find all the necessary information concerning the engagement letter and the payment on the service order page, accessible by clicking on the button at the bottom of this page. If you have questions about the questionnaire, or would like more information on it, you can make an appointment online for a 15-minute telephone conversation with our teams, who will answer your questions. To do this, please click on the button below.
You carry out your audit
Once we receive the signed engagement letter and the payment, we will grant you access to the questionnaire. You may then respond to the different questions in order for us to assess your organisation’s compliance with the GDPR.
This stage is accompanied by personalised support. As part of this offer, we offer two hours of telephone support (forty-five minutes upon receipt of the questionnaire, thirty minutes at “half-way” and forty-five minutes of personalised support freely available to you to make use of, at any time, helping you to carry out your audit in an ideal way. Appointment bookings for these calls will be done online following the reception of the questionnaire).
Execution from LegalUP Consulting
LegalUP Consulting’s teams will study all your answers and will get back to you within ten working days with a consultation sent by email and/or by post. The purpose of this consultation is to list the remaining steps, if any, to be implemented by your organisation in order to fully comply with the GDPR.
If the answers to the online audit reveal that your organisation is in compliance with the GDPR on the day of the execution of the service, the consultation will acknowledge the steps taken with our firm, expert in the protection of privacy and personal data and confirm your compliance with the GDPR.