Data Privacy Service

Data Privacy Service
Services

Data Privacy Service: Protect your company by complying with the GDPR

In an increasingly digitalized world, the protection of personal and business data is essential. The data privacy service that we offer at Windat is designed to ensure that your company complies with the General Data Protection Regulation (GDPR), protecting you from possible sanctions and improving your customers' trust.

What is the Data Privacy Service?

The data privacy service encompasses all the actions necessary to ensure that companies comply with legal regulations related to data processing and security. At Windat, we accompany your organization at every stage of the process to ensure comprehensive compliance with the GDPR and other regulations such as the LSSI-CE.

GDPR compliance

The main stages for a correct implementation of the General Data Protection Regulation are:

This includes tasks to perform such as:

Identify existing treatments that can be considered containers of personal data.

Establish which is the person identified as responsible of the treatment and in charge of the treatment within the company, who will be responsible for authorizing the rest of the users to process personal data as well as identifying persons authorized for data processing, either for their work or external development.

Set if necessary DPO.

Specify the people who, due to their work development in the company, have access to personal data, and through which system they do it.

Identify authorized persons to deal with personal data outside the premises of the controller, either physically on paper, or via portable devices such as computers, tablets or smartphones.

Analysis of the groups of Data Processing groups as well as the Automated and non-automated technical and organizational security measures.

Risk analysis that a certain treatment may have the right of affected data, with the aim of adopting the necessary measures to eliminate or minimize them.

Detail procedure of actions.

Establish what the systems are, telematic and/or manual, through which personal data is accessed by people linked to the company, whether they are employees, self-employed or collaborators.

Detail the procedures of backup copies, data recovery, transfer, destruction and the registration of incidents and the registration of notifications of security violations to the Control Authority.

Drafting of contracts "Confidentiality and Secrecy" personalized and incorporated into the Safety Document with all the company's workers.

Drafting of "Service Provision Contracts with access to third party data" customized and incorporated into the Security Document with the main suppliers who have access to data, as Data Processors. The main "Processors" will be consultancy/management, software providers, computer maintenance, legal advisers and lawyers, notaries, etc.

Drafting of "Service Provision Contracts without access to data" personalized and incorporated into the Security Document. The main services that access the facilities where the data are located but do not have direct access to data are usually: cleaning service, maintenance of fire extinguishers, maintenance of elevators or elevators.

Personalized writing of the RGPD legal clauses in all those forms or documents where there is personal data, such as: estimates, orders, e-mails, customer files, commercial actions, invoices or contracts.

Drafting of internal procedure for the fulfillment of the rights of the interested party (access, rectification, cancellation, opposition (former ARCO rights), right to be forgotten, right to deletion, right to limitation of processing and right to portability.

Collection of all measurements and data in the security document and electronic sending.

The Registration of Treatment Activities, both as responsible for the treatment, as in charge of the treatment, if applicable.

Documentation of therisk analysis performed

The Impact Assessments regarding Data Protection, if applicable.

the security measures implanted the functions and obligations of staff with access to personal data.

Request information without obligation and ensure your company's GDPR compliance.

Data Privacy Service
Scroll to Top