Synesis Stratus provides the implementation of the full range of measures for GDPR (General Data Protection Regulation) compliance. The Customer will have the package of all necessary documents, built-up business processes of the personal data management system, as well as an information security system that meets industry standards.
The services may include training of the Customer's employees to work with personal data in accordance with GDPR provisions as well as consultations while conducting internal administrative procedures (Data Protection Impact Assessment).
Problems solved:
The services may include training of the Customer's employees to work with personal data in accordance with GDPR provisions as well as consultations while conducting internal administrative procedures (Data Protection Impact Assessment).
Problems solved:
- fulfillment of the requirements of european partners on the availability of the company's own data protection processes in accordance with the GDPR;
- compliance with all data protection principles in accordance with the GDPR and their implementation in user policies;
- designed information security system;
- processors control;
- increasing the level of competence of the Customer's employees in the sphere of data protection.
Service stages
Audit
Conducting an audit of Customer's information systems, services' specifics, data map and existinginternal business processes
Report on GDPR applicability
Preparing the Report on GDPR applicability to Customer's company or project
Information security system
Designing an information security system if necessary
Users interaction
Development of GDPR user documentation (privacy policy, cookies policy, terms of service, etc.)
Partners interaction
Development of partner documentation (Data Processing Agreement, interaction regulations, etc.)
Local acts
Development of local act in accordance with GDPR (information security policy, regulations on data processing, etc.)
Personal Data Management System
Building a personal data management system (procedures for responding to user requests, regulators, procedures for mandatory informing and actions in the case of data breach)
Staff training
Training of the Customer's employees to work with persona data in accordance with GDPR and increasing their competence in data protection
Administrative procedures
Conducting administrative procedures (Data Protection Impact Assessment, Legitimate Interests Assessment)
If Customer has information systems in which personal data of european citizens and personal data of individuals under Belarusian legislation are processed, Synesis Stratus will ensure designing of information security system that complies with the requirements of both European legislation (GDPR) and Belarusian legislation in the sphere of data protection and cybersecurity.