- Can data subjects easily access, rectify and erase their data?
- Does your organisation have offices, servers,… outside the EU?
- Are you using cloud services to process customer data? Are these GDPR compliant?
- Do you have a subcontractor outside the EU?
- Will your organisation process and/or store all customer data within the EU?
- Are all your employees trained on GDPR Data Protection compliance?
- Will you secure personal data at rest through encryption, pseudonymisation and/or anonymisation rules?
- Will you secure personal data in transfer through encryption, pseudonymisation and/or anonymisation rules?
- What are the data retention policies for DESelect?
- Did you define your data retention rules?
- Do you have a Data Protection Policy in place?
- Is DESelect GDPR Compliant?
- Have you updated all of your policies to include and meet GDPR regulations?
- Have you appointed a Data Protection Officer?
- Do you perform third-party security audits / due diligence checks on the companies you collaborate with?
- Are you able to guarantee that the amount of personal data collected will be strictly limited to that which is necessary for the optimal use of any new product, service or application?
- Do you have an impact assessment process in place (one that will be applied and documented for each process that presents a risk)?
- Do you keep a registry of all operations performed on personal data related to the following processes: collection, storage, use, sharing and destruction?
- Have you performed a data processing audit, identifying all the elements requiring modification within your current data processing activities?
- Do you know how personal data is stored, processed, shared and used within your organization?