The GDPR comes into effect on 25 May 2018. As our members continue their preparations, we have worked to provide specific tools and targeted events to support them in the IT implementation. Below, you can find tools relating to your relationship with your IT vendor, templates to use internally in your company, and presentations with insight from our events.
IT vendor-related tools
Payroll consultants/social secretariats have access to personal data on your staff. Beltug has developed a questionnaire that you can present to your payroll consultant to verify their own compliance with the GDPR, and to ensure they will process your data in full compliance with the regulation.
GDPR Vendor Assessment questionnaire, in cooperation with DPOffice (details + questionnaire)
Many things are at stake when preparing and maintaining your compliance with the GDPR. Beltug has created a list of core questions for you to ask your cloud providers. The list has been discussed with a select number of ICT/cloud suppliers, to gain their perspective and options for the best approach. We believe that this questionnaire will make a significant difference for companies on their way to GDPR compliance.
Template Data Protection Clause, in cooperation with Allen & Overy (after login)
Beltug and Allen & Overy have created a template that Beltug members can use for the data protection clause of their IT services contracts. You can use this template as a starting point, and then customise it to take into account the specific processing, as well as the roles of the Customer and Supplier. While it has been developed for contracts between two companies in the EU, you can adapt it with additional safeguards if this isn't the case.
Internal GDPR tools
Template consent notice, in cooperation with Allen & Overy (after login)
The GDPR lays out consent requirements for the use of personal data. Beltug and Allen & Overy have created a template for requesting consent from customers, staff and other individuals, which communicates how personal data will be used, processed, etc. Beltug members can use this template as a starting point, and then customise it to their specific situation.
Updated Presentation for your Board, in cooperation with DPOffice (after login)
Beltug members can use this presentation to inform their Board about the European Data Protection Regulation. Please feel free to use the slides and content as you wish, in your own templates and formats, etc. You may add or delete information according to your needs.
Data inventory, in cooperation with Cranium (after login)
Template (Excel) Register of Processing Activity: Data inventory first, compliance next! The road towards the GDPR starts with an inventory of the personal data you process. Indeed, data inventorying is an essential step in your preparation: your organisation needs an inventory of all the types of information it processes, how that data will be protected, where the sensitive data sits. This tool helps you getting started building your register, as required by Article 30 of the GDPR.
Beltug Privacy Council
Details and mission (no login necessary)
This special interest group for experts/practitioners in matters of privacy covers data protection in the business domain, including (but not limited to) the GDPR. Are you a match - and willing to commit? Contact Danielle to submit your candidature.
Takeaways and presentations on GDPR from our events (after login)
You can also check our Library page for more presentations from other events and activities.
Access to more information about this topic and/or to download the paper is easy and fast, but exclusively for Beltug members (just login to get access).
Beltug gathers a lot of information. Here you find the advantages of Beltug membership
The Beltug Team
Click here to login