GDPR
The General Data Protection Regulation (GDPR) is an European law designed to strengthen the data rights of the residents of the European Union (EU) and harmonizes the data protection laws across all member states. Making it identical in this way and bringing more transparency to the people about what data organizations collect and what purposes they use it for.
Personal data
Fundamentally, data plays a important role in almost all aspects of our lives. Your name, (email)address, credit card number and more are collected, analyzed or stored by organizations. Under the new GDPR terms, organizations will have to ensure that all these personal data is gathered legally and under strict conditions and that those who collect and manage the data are obliged to protect it from misuse and exploitation.
Controllers and processors
According to the GDPR organizations need to understand the difference between data controllers and data processors. The data controller determines the purposes for which and the means by which personal data is processed and therefore decides ‘why’ and ‘how’ the personal data should be processed. The data processor is normally a third external party and processes personal data on behalf of the controller. The duties of the processor towards the controller should be specified in a contract: the so called data processing agreement.
Data breach
The GDPR introduces the requirement for a personal data breach to be notified to the national supervisory authority. Although you may have taken every step necessary to minimalize risk, breaches are unfortunately never hundred percent preventable. Controllers and processors are therefore encouraged to plan ahead to be able to detect and immediately end a breach and to determine whether it is necessary to notify the competent supervisory authority and the individuals involved.
Fines
Failure to comply with the requirements of the GDPR can lead to high fines. To prevent that from happening Kiwa can help organizations in information and privacy security, with assessments, audits and certifications.
GDPR Services
-
PPI Quality and Engineering provides timely insight into your renewable energy operations with services and software solutions for quality assurance and asset tracking.Show
-
ISO 13485 is the medical device industry's quality management system (QMS) standard. The scheme specifies the requirements for a quality management system for medical devices.Show
-
ISO 50001 Energy Management system certification with Kiwa: conserve resources, save money and mitigate climate change.Show
-
ISO 22716 Cosmetics - Good Manufacturing Practices with Kiwa: Regulations for systematic and organisational product safety and quality control to be followed throughout the manufacture of cosmeticsShow
-
The MSC traceability standard is a globally recognised environmental certification scheme that allows you to market MSC certified fish and shellfish. The blue MSC label shows that fish have been caught in a way that creates healthy oceans and secures seafood supplies for the future - something that is important to your customers.Show
-
ISO 22301 Business continuity management system with Kiwa: Prepare for disaster, disaster, and accident-related business disruptions.Show
-
KRAV certification with Kiwa: prove the organic origin of your products, meet customer demands and sell in the Swedish market.Show
-
PPI Quality and Engineering provides independent verification and certification services (design appraisals, certification of assets, and certification of materials and components).Show
-
Petrographic analysis for quarries, mining and construction.Show
-
ISO 45001 certification can assist your company to meet legal obligations and licensing conditions, develop an effective methodology for identifying hazards within your workplace, and assess and control safety risks within your organisation.Show