GDPR

The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years.
Riskpro India now offers Indian companies Data Protection assessments, GDPR reviews and gap assessments to help companies adopt and implement the new GDPR regulations.
Why Riskpro
Riskpro has a team of 8 GDPR consultants, and we are adding team members with each passing month. Some of us are also CIPP/E certified. Riskpro has more than 250 clients and we have been in business for over 7 years.
GDPR Challenges for Indian Companies
- How to carry out online marketing in a GDPR compliant manner
- Proper use of cookies and cookie policy / consent
- Obtaining consent and sending direct marketing material
- Does GDPR apply to me?
- What is GDPR? It is so complex. We need to be GDPR compliant, etc.
GDPR is a complex law and your challenges and questions will be many. Fortunately, we have some practical experience as we have helped more than 20 companies with GDPR compliance.
GDPR Methodology
Our assessment methodology addresses the following key aspects of the regulation.
- Principles relating to personal data processing
- Scope determination and application to your company
- Categories of Personal Data
- Rights of data subjects
- Obligations of Controllers and Processors
- Data Protection by Design
- Reporting Security Breaches
- Information Security standards
- Appointing a Data Protection Officer
- Data transfer outside of the EU
- Governance Obligations
To get an assessment and consulting done for your company, please drop an email to info@riskpro.in or call 9833767114.
DPO Services
The GDPR allows the role of Data Protection Officer (DPO) to be filled by an external consultant or a company. Outsourcing the role of DPO, in this case, makes sense.
Our DPOs address the privacy and data protection tasks that face your organization. We undertake periodic privacy training for your staff, including induction training. We also serve as a touchpoint to discuss your privacy issues. Our DPO expert is likely to have most of the answers.
Contact
Manoj Jain - manoj.jain@riskpro.in
9833767114
FAQs
1: What is GDPR?
GDPR stands for General Data Protection Regulation. It is a comprehensive data protection law that came into effect on May 25, 2018, in the European Union (EU). The GDPR aims to protect the privacy and personal data of EU citizens and residents by setting out strict rules and regulations for how organizations handle and process personal data.
2: Who does GDPR apply to?
GDPR applies to any organization that processes the personal data of individuals residing in the EU, regardless of the organization's location. This means that companies outside the EU must comply with GDPR if they offer goods or services to EU residents or monitor their behavior.
3: What is considered "personal data" under GDPR?
Personal data under GDPR refers to any information that can identify an individual directly or indirectly. This includes names, addresses, email addresses, IP addresses, social media posts, financial information, and even sensitive data like health information or biometric data.
4: What are the potential penalties for non-compliance with GDPR?
Organizations found to be in breach of GDPR can face severe penalties, including fines of up to 4% of their global annual turnover or €20 million (whichever is higher). Lesser violations may result in fines of up to 2% of global annual turnover or €10 million (whichever is higher).
5: Can organizations transfer personal data outside the EU?
Yes, organizations can transfer personal data outside the EU, but they must ensure that the receiving country offers an adequate level of data protection. Adequacy can be determined through approved mechanisms like the EU-US Privacy Shield (currently invalidated) or by using Standard Contractual Clauses (SCCs) approved by the EU Commission.
6: Is GDPR a one-time compliance effort?
No, GDPR compliance is an ongoing process. Organizations must continuously assess and update their data protection practices, conduct regular risk assessments, and adapt to changes in data processing activities to maintain compliance with the regulation.