In April 2018, we were contacted by a client who is engaged in international transport of goods with a request to assist him in preparing documents for compliance with the General Data Protection Regulation which entered into force on 25 May 2018. We advised the client that besides the preparation of the documents it is necessary to implement the regulation from a technical side, for which the assistance of IT specialists is necessary. Our client cooperated us by answering all the questions we asked in the course of our work, which has made it easier for us to prepare the complete set of documents including various types of requests, declarations, notifications, confirmations, agreements, contracts, data protection policy, protocols, internal procedures, verification and control procedures, forms of providing information, etc. In addition to the above documents, we also drafted a Privacy Policy containing the information specified in Article 13 of the Regulation, which has to be published on the client’s website.
The client was consulted that there is no need to engage a data protection officer. In addition, the client has been provided with a number of materials that we have drafted and which materials contain useful information, including:
- A manual containing practical steps to implement the General Data Protection Regulation.
- A manual containing a detailed description of the duties of the data controllers.
- A manual containing a detailed description of the rights of the data subjects and the terms and conditions for exercising the rights of data subjects under the Regulation.
- How to Prepare your website for the GDPR;
- Rules for working with clients and personal data;
- Terms for storing documents.
The client had the opportunity to ask questions during the work process as well as after that. The project was completed within the agreed period, before May 25, 2018.