How to comply with GDPR? Compliance can be difficult to achieve if you don’t know where to start.
Here you’ll find 5 easy things you can do to help with GDPR compliance. Let’s start!
You can’t start collecting and processing users’ data without a legal basis, that is the legal reason for doing so. The GDPR has six legal bases and yours MUST genuinely apply to your particular business and processing activity.
Now that you have your legal basis, you need to create a document to inform your users about your activities. More specifically, you need to disclose why you’re processing personal information and how you do it: it’s a crucial step in how to comply with GDPR. That’s what a privacy policy is for!
From the dashboard within the Privacy and Cookie Policy Generator:
If you’re relying on consent as your legal basis, there are a few rules. Since consent is such a big deal, the GDPR requires that you keep clear and detailed records of consent. You need to be able to prove that you’ve acquired consent lawfully, and records can help you with that.
Moreover, you may need to keep a record of how you store and use the data you collect from users. This means data retention policy for each processing activity, security measures, legal basis for processing, data transfer outside the EU, and the parties that you share the data with.
If your company’s activity falls under specific categories, you need to appoint a Data Protection Officer (DPO). The DPO ensures that the personal data of their organization’s employees, customers, providers, or other individuals is processed following the applicable data protection rules.
No, not necessarily. We know that GDPR compliance can be tough, so you can either choose to consult with a legal expert, or rely on quality software, like iubenda!
iubenda can help you achieve GDPR compliance with a comprehensive set of tools:
