GDPR Check

Correct implementation of EU data protection regulations

The GDPR took effect on May 25, 2018, leading to changes for businesses both in Europe and beyond. Many companies now have to adapt their processes and structures to comply with the new regulations. Our comprehensive GDPR consulting services and individual analyses, support organizations seeking to implement the new data protection guidelines.

GDPR consulting by DEKRA

With our GDPR check you can have your guidelines checked to ensure your data protection processes comply with current EU GDPR standards.

Implementing data protection according to new standards is advisable for every company, since failing to do so entails numerous risks. Our GDPR Check for small and medium-sized organizations is a cost-effective, time-saving alternative to an expensive external audit that takes several days to complete. External auditors also generally employ methods suited to large companies and end up including aspects that do not apply to smaller businesses. Our EU GDPR Check, on the other hand, takes into account the particularities of small and medium-sized companies.

Your Benefits

  • A reputation for data protection compliance and respect for privacy
  • Freedom from fines and liability related to data protection infractions
  • No risk of injunctive relief ordered by supervisory authorities
  • Confidence in maintaining rights and coverage with insurance companies and others

Our Approach

The GDPR Check utilizes a questionnaire to discuss the various guidelines with the company's data protection officer and to identify possible weak points with regard to data processing. The results of this conversation provide the basis for further measures to ensure compliance.

Our GDPR check takes one day, during which we work closely with the company’s data protection officer to determine to what extent the company complies with the basic data protection regulations and where there is a need for action. The following points are addressed:

  • Management strategies for data protection: The presence of the managing director is also advisable here.
  • Obligation to report in the event of data protection violations: Procedures are recorded and incorporated into the management system.
  • Appointment of a data protection officer: The data protection officer should be provided by the company or the IT service provider. However, the responsibility lies with the managing director.
  • Overview of processing activities: Transparency is a pillar of the GDPR guidelines, which is why processing must also be disclosed.
  • Lawfulness of processing: The processing of personal data must be carried out in accordance with certain guidelines. For example, not every employee may have access to personnel files.
  • Rights of data subjects: Clear rules should be communicated here as part of data processing transparency. Everyone in the company has the right to inquire.
  • Processing of special data: This includes the aforementioned personal data to which access is limited and requires special authorization.
  • Order data processing: Regulations ensure that order data is processed according to certain criteria. For example, customer account data or passwords must not be accessible to those not working directly with the customer.
  • Data transmission to third countries: Data protection applies not only to the country in which the data is collected, but also to other countries.
  • Technical measures: Our EU GDPR check reviews the technical implementation required by the regulation as well as organizational planning.
  • Risk and protection needs assessment: The EU basic data protection regulation requires that possible data protection risks be identified.
  • Awareness measures: Comprehensive support for employees ensures that their data is not passed on to third parties and that the employees themselves are informed about data collection.
  • Advertising / website / consent: The EU data protection basic regulation includes internet platforms. For example, the company's website must openly communicate certain information, such as user behavior analysis, on the data protection pages.

Why DEKRA?

  • We support you with trained data protection experts who perform the GDPR Check and assist with the adjustment of your data protection guidelines.
  • We offer a time-saving and cost-effective alternative to GDPR consulting.
  • We have years of experience and are experts in the field of data protection and cyber security.