The European Union General Data Protection Regulation [EU GDPR] is a regulation that sets mandates & guidelines for the collection & processing of Personally Identifiable Information [PII] from individuals who live in the European Union [EU]. Since the Regulation applies regardless of where the Data Processors are based, it is applicable to any system that has European Users, even if they do not specifically market goods or services to individuals residing in the EU. The EU GDPR mandates that EU Users be provided adequate data disclosures. The system must also facilitate a timely notification in the event of a Security or Data breach. Adopted in April 2016, the Regulation came into full effect in May 2018, after a two-year transition period.
GDPR compliance is required if you want to keep doing business in Europe. If you fail to comply with GDPR, your company could be fined up to 4% of its annual global revenue or €20 million (whichever is greater).
If your company handles the personal data of EU citizens—which includes email addresses, phone numbers, IP addresses and more—you must become GDPR compliant within 72 hours after becoming aware that an individual whose information is held by your organization has requested access.
Why is it worth your time?
Our customised procedure will help you establish the credibility of your business and become EU GDPR compliant by implementing all the necessary steps and actions in your organisation.
Neumetric’s InfoSec team undergoes training from the organisation to understand its business. Once complete, Neumetric starts creating the ISMS policies that are required for EU GDPR Compliance. A Gap Assessment is conducted on the organisation while the ISMS Policies are reviewed and approved by the management. An Implementation Plan is prepared based on the Gaps identified for EU GDPR Compliance.
Based on the Implementation Plan, the gaps are remediated and the defined policies and procedural documents are implemented to bring procedural and cultural changes in the organisation. Post implementation, an internal audit is conducted to review the closed gaps, the newly defined processes and adherence to EU GDPR Compliance.
An audit is scheduled with a reputed certifying body to conduct the external audit. The external audit is handled by Neumetric’s team of experts, who are experienced in managing such audits for various standards, and relevant training is provided to the stakeholders to face the external auditors.
When you choose Neumetric to help you become EU GDPR compliant, you're choosing a partner who will guide you through the process of understanding your current data practices and requirements, creating a plan for compliance, and implementing the changes that are necessary. Neumetric is ready to work with you from start to finish so that you can meet the deadline without having to worry about the logistics or whether your business processes are up to snuff.
Our services include:
The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organisations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros.
Neumetric's EU GDPR Compliance services will make organisations EU GDPR compliant in just 3-4 months.
The GDPR requires businesses to take several steps to become compliant. These include but are not limited to:
The minimum size of a company that must comply with GDPR has been hotly debated among experts, but most agree that any company that processes more than 5,000 personal details on EU citizens per year must have a DPO on staff. This means that if you have a large number of customers in Europe, or if you're using data analytics to track people's behavior across multiple platforms (like Facebook), then it will be necessary for you to hire someone specifically focused on GDPR compliance.