GDPR Overview


GDPR is the shorthand for the General Data Protection Regulation, which is the name of a keystone EU document regulating data privacy that has gone into effect in May 2018. This law is a subject of debate in many countries due to its strict stipulations, but in essence it is designed to protect individuals rather than to impose unfair controls. Of course, many companies that regularly process user data are still searching for answers on how to stay in compliance with GDPR, and they may require assistance from a specialized company like Technitos in this matter.

We believe GDPR compliance is more than just adhering to the letter of the law. It’s very important to understand the principles upon which this piece of legislation was built to fully grasp the implications of a good data privacy policy. Considering the scale of online information exchange that the average company is involved in on a daily basis, the stakes are extremely high both for business owners and end-users. Strong regulation is simply necessary in such conditions, so it’s just a matter of time before companies learn to see it as an advantage rather than a hindrance. The transition period is still ongoing, so it remains to be seen how much time it will take before compliance becomes routine.

Technitos Commitment


At Technitos, we take integrity and transparency very seriously and those qualities are apparent in all of our policies and projects. This is why it’s not hard for us to adapt to the more stringent requirements, or to find creative ways to ensure that functionality and compliance are never in conflict and that data security and availability are never in question.

How we practice compliance


We use the ISO/IEC 27001 standard as the blueprint for responsible, traceable, and above all legal data processing and storage procedures that we recommend to our clients and deploy in our own solutions.

Assessment

Everything starts from a Privacy Impact Assessment (PIA), which allows us to identify sensitive data and potentially vulnerable spots. This stage also includes GDPR awareness training for management and staff.

Transformation

Following the updates of PIA, we proceed to define the Consent Management Mechanism and the scope of rights that data owners are guaranteed. The transformation truly begins with revisions of privacy policies and data collection/storage/management practices

Confrontation

The most crucial stage during which our full GDPR framework is released and used to alter the Customer Agreements in order to ensure they meet the high standards set by the EU.

Continual Improvement

Compliance is a permanent obligation, so we perform periodic reviews of PIA and GDPR framework and audit whether the implemented measures meet the intended objectives while also continuing with training and education activities.