Privacy – DPO

Elledue supports SME companies in the implementation of a GDPR system.
The development of an implementation project that is truly relevant to the specifics of the individual company involves the following development steps:

• Creation of a project plan;
• Definition of the Personal Data Policy;
• To make an inventory of data processing activities;
• To define the approach to manage the rights of data subjects;
• Implementation of the Data Protection Impact Assessment when necessary;
• Protection of personal data transfers;
• Check and possible adaptation of contracts with third parties;
• Ensure the security of personal and sensitive data;
• Define how to handle data breaches.

The correct implementation of the these steps is essential to avoid penalties imposed by the legislator in the case of data breaches or incorrect processing.
Elledue supports you throughout the entire process.

In the field of Personal Data Protection – REG. UE 2016/679, Elledue provides consulting services on privacy impact regulations and has the skills and knowledge necessary to carry out the role of DPO effectively and efficiently.

A Data Protection Officer (DPO) is required by the General Data Protection Regulation (GDPR).
The person must be competent in legal, IT, risk management and process analysis.
The DPO’s main tasks, pursuant to the regulatory provision of Art. 39 GDPR, are related to observation and evaluation of the management of the processing and protection of personal data in the company in compliance with privacy regulations.

The DPO is responsible for the monitoring of the compliance of the organisation, gives advice and guidelines on data protection requirements and acts as a point of contact between data subjects and the supervisory authority in charge. The DPO must operate using criteria of independence and impartiality.