The GDPR applications and fines are constantly evolving. Do you know if you’re compliant?
The General Data Protection Regulation, enacted by the European Union, is the most comprehensive privacy law in the world. The GDPR became enforceable on May 25th 2018 - The regulation applies to the collection of data from people located in the European Economic Area (EEA), not only to the 28 European Union member states but also to the EFTA States of Iceland, Lichtenstein and Norway, regardless of nationality or citizenship.
How does GDPR affect your business?
GDPR updated existing Data Protection laws from the 1990’s to regulate the exorbitant amount of data being collected, through existing technology. The changes to data protection and privacy laws will change the way companies operate, collect data, design their websites, market to and communicate with their customers. With what the term "data" now encompasses, the impact of a data breach have compounded.
The expansion of the definition of "data" to include not just personal data such as name, e-mail address, phone number and sensitive data like health, religious, political and philosophical beliefs, etc. but also location and pseudonymized data such as, IP addresses, cookies, telemetry, MAC addresses, mobile device ID's, RFID tags means your website is likely to collect data from people located within the EU that would require your compliance with the GDPR to avoid a fine which may be up to 20 million Euros or 4 percent of annual global (global) turnover, whichever of both is highest.
Kinney Firm GDPR Compliance Services
There isn’t really a one size fits all approach to GDPR compliance because an organization's goods, services, industry, technology, privacy knowledge, and privacy framework knowledge vary widely. It’s important to engage the services of a privacy professional with GDPR experience to assess where you are and make the recommendations necessary to fill any holes or close any gaps in your data protection and privacy frameworks.
- Data Protection Impact Assessment (DPIA) - Kinney Firm can assist your developer or technology department in mapping your data collection practices, assessing risk, advising and revising based on best practices and applicable law, and documenting the results and steps taken to protect data.
- Privacy Consulting
- GDPR Compliant Privacy Policy and Cookie Notice
- Data Processing Agreements
- Dedicated Privacy Officer
- Privacy Training
Schedule Your GDPR Consult
Schedule a 1 hour GDPR consultation to discuss your organization’s privacy needs. If you have any existing DPIA’s, privacy policies, cookie notices, employee handbooks, please have those ready to be reviewed and discussed during the consultation. Recommendations regarding what services you may need and the associated time and cost will be determined from our discussion and provided in an email afterward.