07.06.2017

News

Is your business in compliance with the requirements of data protection law?

The new Data Protection Regulation implies significant changes when it comes to the processing of data, with potentially big fines for non-compliant businesses. NJORD is ready to assist businesses and public authorities in complying with the rules.

All businesses and public authorities collecting, exchanging or processing personal data are subject to the Data Protection Regulation, and there is less than one year to take measures ensuring compliance with the rules before the regulation comes into force on 25 May 2018.

Is your business in compliance with the new requirements?

Transparency Information must be correct and readily understood. Especially in the event of obtaining consent to the processing of personal data, the applicable rules have become more rigorous.

Minimum processing The processing of data may take place only if strictly necessary. The protection of personal data shall be ensured through the design or standard settings of the IT solution.

The right to request the deletion of personal data Everybody has the right to get his or her personal data cancelled.

Data portability Every data controller shall be able to transmit personal data to the registered persons via a legible and generally acknowledged media.

Responsibility Every data controller shall be able to explain how the rules are observed. This imposes very high demands on internal procedures and assignment of responsibility.

Data Protection Officer (DPO) Public authorities and businesses processing personal data as part of their core activities or on a large scale are to have a DPO.

Shared responsibility Data processors are subject to the same requirements as data controllers – even if the parties have entered into a data processing agreement.

Notification A duty to inform the relevant authorities within 72 hours in the event of security breach.

REMEMBER! Non-compliance may result in fines of up to 4% of the annual global turnover of the business in question.

Download our survey of the new requirements (in Danish): Is your business in compliance with the requirements of data protection law.

NJORD’s Personal Data Compliance Packet

NJORD offers you a Personal Data Compliance Packet in connection with your efforts to comply with the data protection rules. The packet contains legal services ensuring that your business operates in accordance with legislation and is prepared for the moment when the Data Protection Regulation comes into force.

Step 1 – Data Flow Analysis

  • We offer you a process approach, where we will go through all systems as part of the process.
  • We will review your data flows and carry out a legal analysis of all the elements of data processing, including consent, storage, administration, etc. in close collaboration with you by means of questionnaires and interviews as required.
  • Subsequently, we will provide you with a report with the results of the analysis and recommendations for initiatives ensuring compliance.

Step 2 – Internal guidelines and procedures

  • We will draw up practical guidelines and directions for in-company use in order to satisfy the requirement of the Data Protection Regulation for self-auditing (the principle of responsibility).
  • We will adapt the guidelines to your business based on the Data Flow Analysis.

Finally, we will issue a validation certificate documenting that your business is compliant.

Would you like to know more?

You are welcome to contact Attorney and Partner Malene Fagerberg by e-mail mfr@njordlaw.com or by telephone +45 77 40 11 50 for an informal discussion of the specific needs of your business and get an offer at a fixed competitive price.

Latest news

Are compensations for your former employees taxable in Estonia?

What tax liabilities are created, when an employer terminates their work relationship with the employee e.g. due to layoffs?  Often when the working relationship ends, the parties agree that the employer will pay a compensation to the former employee during a certain period. There are several reasons for paying compensations, perhaps most common of them is the restriction of competition clause.

NJORD Estonia explains: Reckless license agreement can wreck your brand!

As Estonia is gaining recognition for its successful increase of creativity, more and more brands are spreading beyond our borders. When noticing Estonian design in foreign airports or department stores, many of us Estonians feel impressed. But, be sure to register your brand as a trademark to ensure legal protection for your idea. Copyrights, trademarks, designs and patents can be registered both domestically and on a more or less global scale, and it gives the registered author the exclusive right to use his or her own creation in any way and to permit or prohibit the use of the work by other persons. In other words, no-one should earn money on your creativity without a license!

Get the latest legal news

We gladly share our knowledge with you. Subscribe to our newsletters.

Subscribe here