Policies and Procedures
Under the regulation there is a requirement to document and evidence your organisation compliance with the GDRP. IDPAA can support your organisation through the creation and implementation of the following policy’s.
With all policies and procedures, provided we operate a knowledge transfer process so as your policy is being developed, we also provide clear guidance and understanding of your obligations to each policy:
Data Protection Policy
Fair Notice of Processing- Privacy Statements and Cookie Statements (Website)
Breach Notification Policy & Procedures
Data Subject Access Policy & Procedures
Data Retention Policy & Procedures
Data Deletion Policy & Procedures
Data Security Policy Digital & Physical
CCTV Policy & Procedures
BYOD Policy & Procedures
Data Transfer Agreements
Controller/Processor Agreements
Processor Audit Documentation (supply and review)
Personal Data Inventory Documentation & Guidance
Legitimate Interest Assessments (including supporting documentation & guidance)
Model Contracts
Guidance on Employee Handbook (Data Protection Updates)
Data Protection Impact Assessment- Documentation & Guidance