The General Data Protection Regulation (GDPR) is an European law designed to strengthen the data rights of the residents of the European Union (EU) and harmonizes the data protection laws across all member states. Making it identical in this way and bringing more transparency to the people about what data organizations collect and what purposes they use it for.
Fundamentally, data plays a important role in almost all aspects of our lives. Your name, (email)address, credit card number and more are collected, analyzed or stored by organizations. Under the new GDPR terms, organizations will have to ensure that all these personal data is gathered legally and under strict conditions and that those who collect and manage the data are obliged to protect it from misuse and exploitation.
Controllers and processors
According to the GDPR organizations need to understand the difference between data controllers and data processors. The data controller determines the purposes for which and the means by which personal data is processed and therefore decides ‘why’ and ‘how’ the personal data should be processed. The data processor is normally a third external party and processes personal data on behalf of the controller. The duties of the processor towards the controller should be specified in a contract: the so called data processing agreement.
The GDPR introduces the requirement for a personal data breach to be notified to the national supervisory authority. Although you may have taken every step necessary to minimalize risk, breaches are unfortunately never hundred percent preventable. Controllers and processors are therefore encouraged to plan ahead to be able to detect and immediately end a breach and to determine whether it is necessary to notify the competent supervisory authority and the individuals involved.
Failure to comply with the requirements of the GDPR can lead to high fines. To prevent that from happening Kiwa can help organizations in information and privacy security, with assessments, audits and certifications.
PPI Quality and Engineering provides timely insight into your renewable energy operations with services and software solutions for quality assurance and asset tracking.Show
ISO 13485 Medical Devices Certification with Kiwa: ensure quality, build trust and comply with regulations in the medical devices sector.Show
ISO 50001 Energy Management system certification with Kiwa: conserve resources, save money and mitigate climate change.Show
ISO 22716 Cosmetics - Good Manufacturing Practices with Kiwa: Regulations for systematic and organisational product safety and quality control to be followed throughout the manufacture of cosmeticsShow
The MSC traceability standard is a globally recognised environmental certification scheme that allows you to market MSC certified fish and shellfish. The blue MSC label shows that fish have been caught in a way that creates healthy oceans and secures seafood supplies for the future - something that is important to your customers.Show
Sedex Members Ethical Trade Audit (SMETA) by Kiwa: meet buyers’ demands, show your ethical credentials and access new business.Show
ISO 22301 Business continuity management system with Kiwa: Prepare for disaster, disaster, and accident-related business disruptions.Show
KRAV certification with Kiwa: prove the organic origin of your products, meet customer demands and sell in the Swedish market.Show
PPI Quality and Engineering provides independent verification and certification services (design appraisals, certification of assets, and certification of materials and components).Show
Petrographic analysis for quarries, mining and construction.Show