The General Data Protection Regulation (GDPR) will be enforced on 25 May 2018, at which point non-compliant organisations are exposed to heavy fines. These could be as punishing as 4% of global turnover or €20m per incident.
We guide our clients through the comprehensive transformation required to prepare for the regulation, and our consultants will serve as compliance partners once the regulation becomes enforceable law. Our services are primarily focused on compliance within Digital Marketing.
We also contribute actively to industry and government task forces, as we strive to help the EU protect people's data globally.
Our GDPR services cover four key areas:
The GDPR is complex and is not always clear about what brands and publishers are required to do once it's enforced. We guide our clients through the full implications of the regulation in a practical briefing session, bringing executives and senior management fully up to speed and kick-starting preparations. The briefing is hosted on-site at our clients' offices as an interactive workshop.
All companies face a different level of exposure to risks involved in non-compliance with the GDPR. We run comprehensive impact assessments focused on Digital Marketing that are optimised to visualise all risks clearly to our clients. The assessment also delivers a full project plan detailing the steps required to comply with the regulation. We use proven methodologies to conduct the assessments efficiently and fast.
Preparing an organisation for the GDPR requires extensive collaboration and stakeholder alignment between internal teams and all relevant technology suppliers and agency partners. We guide our clients towards compliance on their Digital Marketing activities, orchestrating projects and guiding stakeholders as independent and unbiased experts.
The GDPR requires companies that meet specific criteria to appoint a DPO. We have ECPC-B certified consultants who help set up the DPO function and train the appointed person in the field of Digital Marketing with a focus on GDPR compliance. We help set up and execute oversight and reporting tasks, advise on privacy and data protection issues, and report directly to the board.