With the improvement of new technologies, digitalisation and the increase of the information flow about individuals, data protection become essential.
Our Privacy Division operates within the Group with the aim of ensuring the correct compliance with the current Data Protection legislation.
Preparation of the required documentation for full compliance with the GDPR.
In compliance with art. 30 GDPR.
Where necessary, assessment of the need to perform and execution of a DPIA.
Drafting and implementation of the necessary procedures for the departments/offices, to ensure the compliance of business processes with the legislation on personal data and the identification of appropriate controls.
Assessment of the security level which Data Controller should ensure in order to prevent the loss of integrity, availability and confidentiality of data.
As a result of the internal verifications, we can proposed an organizational model privacy with delineation of the figures and the relative tasks and responsibilities.
Evaluation and support in development of new projects based on the above principles.
Support in responding to interested persons.
To ensure the compliance of the regulatory and procedural plant company with the provisions contained in EU Regulation 679/2016 (GDPR), as well as all requirements regarding the protection of personal data, it is essential to highlight any deficiencies in the privacy management system in use within the organization and define the measures to adapt to the Regulation.
The results of the checks carried out will provide information on the compliance status found within the organization, the level of risk detected, the priorities for action, the actions to be taken for full compliance.
The team will constantly support the organization and in particular the DPO, if designated, through documents that ensure the effectiveness of the privacy model implemented and can also proceed to internal and external audits.
Provide privacy training to make authorized persons aware of the processing of personal data that they carry out on a daily basis and to limit and reduce security risks, as well as to avoid incurring sanctions.
Sharing with the internal referents of the topics the training on the different treatment areas and roles, in order to differentiate the training according to the functions and critical issues typical of each treatment process.
Provision of training in different ways, depending on the needs: in the classroom, remotely, manual.
There may also be specific tests to verify the degree of learning.
Audit activities on behalf of the organization, on third parties to verify the implementation of adequate security measures, the compliance with the instructions provided and, to formalize, for each control, evidence within an audit document.
With the improvement of new technologies, digitalisation and the increase of the information flow about individuals, data protection become essential.
The entry into force of European Regulation 679/2016 has further strengthened (also in the view of the accountability principle) the measures that should be implemented by organizations that carries out processing of personal data, in order to protect the fundamental rights and freedoms of individuals. A proper approach to this should take into account both compliance with current regulations and business needs, as well as requires an analysis and a review of the internal organizational and technological context, in order to reduce sanctioning risks and to optimise internal processes.
Our Privacy Division operates within the Group with the aim of ensuring the correct compliance with the current Data Protection legislation.
Preparation of the required documentation for full compliance with the GDPR.
In compliance with art. 30 GDPR.
Where necessary, assessment of the need to perform and execution of a DPIA.
Drafting and implementation of the necessary procedures for the departments/offices, to ensure the compliance of business processes with the legislation on personal data and the identification of appropriate controls.
Assessment of the security level which Data Controller should ensure in order to prevent the loss of integrity, availability and confidentiality of data.
As a result of the internal verifications, we can proposed an organizational model privacy with delineation of the figures and the relative tasks and responsibilities.
Evaluation and support in development of new projects based on the above principles.
Support in responding to interested persons.
To ensure the compliance of the regulatory and procedural plant company with the provisions contained in EU Regulation 679/2016 (GDPR), as well as all requirements regarding the protection of personal data, it is essential to highlight any deficiencies in the privacy management system in use within the organization and define the measures to adapt to the Regulation.
The results of the checks carried out will provide information on the compliance status found within the organization, the level of risk detected, the priorities for action, the actions to be taken for full compliance.
The team will constantly support the organization and in particular the DPO, if designated, through documents that ensure the effectiveness of the privacy model implemented and can also proceed to internal and external audits.
Provide privacy training to make authorized persons aware of the processing of personal data that they carry out on a daily basis and to limit and reduce security risks, as well as to avoid incurring sanctions.
Sharing with the internal referents of the topics the training on the different treatment areas and roles, in order to differentiate the training according to the functions and critical issues typical of each treatment process.
Provision of training in different ways, depending on the needs: in the classroom, remotely, manual.
There may also be specific tests to verify the degree of learning.
Audit activities on behalf of the organization, on third parties to verify the implementation of adequate security measures, the compliance with the instructions provided and, to formalize, for each control, evidence within an audit document.
info@kireygroup.com
57, Via Benigno Crespi
20159 Milan
Società soggetta a direzione e coordinamento di Kirey S.r.l.
Registered Capital €1.089.620,00
Registered Capital €1.089.620,00 kirey@pec.it
© 2023 | Designed by Kirey Group
Email: info@kireygroup.com
57, Via Benigno Crespi – 20159 Milan