Organisations that profile themselves as specialists in the field of General Data Protection Regulation are mushrooming. It is not uncommon for providers to use the fears of clients as a basis for their services, and providers have even been known to state they can provide a GDPR quality label or work together with the Dutch Data Protection Authority.
These are fables; there is no such quality label nor does the Data Protection Authority work with commercial parties. It is therefore up to you to assess what safeguards should be in place in your organisation in order to ensure that you are in ‘compliance’ and can explain – if requested – to the Dutch Data Protection Authority, or to individuals whose personal data you process, what choices you have made for what reasons. What personal data do you process, how long do you store it, who has access to it, are processor’s agreements in place where required, how do you handle a potential data leak, et cetera. You will have peace of mind when you know you have deployed experienced professionals here. You can focus on your core business while we support you in this area.