As we have seen, the GDPR is mandatory for EU companies, so we bring you the advice you should follow in your office.
1. Analyze your privacy policy
One of the first things you must do when implementing the GDPR is to analyze your data policy; you must inform users clearly and transparently how you will treat their data.
You must have a data protection form that users must read and accept to use them.
2. Comply with the rights of users
Your company must comply with all data protection rights of users. Among those that stand out:
- Right of deletion: any user has the right to delete their information from your database whenever they wish.
- Right of access: people can obtain information about whether their data is being used, the purpose of that use and the origin of said data.
- Right of rectification: the user's right to modify personal information that turns out to be inaccurate or incomplete.
- Portability right: the right to receive personal data processed by a data controller.
3. Inform users in the event of a leak
What happens if a data breach occurs? Do you need to inform your users? Clearly yes.
A data breach means a user’s personal information is exposed on the internet.
In the event of a data leak due to a hack or computer failure, you must let the users know. The company has a period of 72 hours to send this notification to users.
4. Assign a data protection officer
Another thing you must do to comply with the GDPR in the office is to assign a person in charge and a person in charge of data protection to help you comply with the regulations.
We recommend that you use our services to resolve any doubts and implement all the mandatory registrations of the GDPR.
5. Certify GDPR compliance
Certification of GDPR compliance is not mandatory, but it is good to ensure that your company acts in compliance with it. There are different mechanisms to demonstrate compliance with the GDPR:
- Documentation of the measures taken.
- Codes of conduct.
- Certification mechanisms.
- Responsible declaration.
The most important thing is to take care of our clients and be transparent when dealing with their data. Do everything possible to comply with the regulations, thus offering security and an excellent image to your company.
Compliance with the GDPR, as we have explained, is essential, and you must know how to apply it correctly. At wpkraken we resolve any doubts that may arise; contact us.
We will be delighted to welcome you and provide you with the best service.