General Data Protection Regulation (GDPR)

Protection of Personal Data and the Processing of Personal Data is part of the legal framework within the European Union. Companies and organizations have had to comply with this law under the supervision of the Data Protection Authority within their countries. We have assisted a number of companies with preparations for GDPR implementation and therefore have experience in the effective implementation of these rules. We have ready-made templates of policies, procedures and forms prepared by leading experts in the field of GDPR and have the relevant experience and knowledge to implement GDPR in your company effectively.

If you are setting up GDPR the main tasks are :

  • Conducting a GDPR status assessment
  • Setting up an implementation plan for the implementation of GDPR.
  • Writing and setting up all policy documents and privacy notices on both internal and external websites.
  • To prepare a detailed overview of how the company or organization takes the necessary organizational and technical measures for storing and processing personal data with regard to information security.
  • Register all processing operations for personal data. It is required to prepare a list of all processing operations and take a position on whether personal data is being processed or not.

​​More factors are also considered, such as the consent of registered individuals, risk assessment for the processing and registration of sensitive personal data, agreements with suppliers and much more, but the implementation of Data Protection in companies and organizations involves much more than just posting a cookie policy on an external website.

When it comes to companies that have already implemented GDPR, we use Microsoft Priva, which is a special solution on top of Microsoft 365. With this solution, you can automatically respond to requests from registered individual and manage these request efficiently. Microsoft Priva can automatically search your data estate for any reference to a registed individual while protecting 3 party instrests. As a Data Protection Officer you get the results of this search and can exclude or include data items. After approval the request is then sent to the person requesting the information.

Please send an email to infoguard@infoguard.is for more information