07.06.2017

News

Is your business in compliance with the requirements of data protection law?

The new Data Protection Regulation implies significant changes when it comes to the processing of data, with potentially big fines for non-compliant businesses. NJORD is ready to assist businesses and public authorities in complying with the rules.

All businesses and public authorities collecting, exchanging or processing personal data are subject to the Data Protection Regulation, and there is less than one year to take measures ensuring compliance with the rules before the regulation comes into force on 25 May 2018.

Is your business in compliance with the new requirements?

Transparency Information must be correct and readily understood. Especially in the event of obtaining consent to the processing of personal data, the applicable rules have become more rigorous.

Minimum processing The processing of data may take place only if strictly necessary. The protection of personal data shall be ensured through the design or standard settings of the IT solution.

The right to request the deletion of personal data Everybody has the right to get his or her personal data cancelled.

Data portability Every data controller shall be able to transmit personal data to the registered persons via a legible and generally acknowledged media.

Responsibility Every data controller shall be able to explain how the rules are observed. This imposes very high demands on internal procedures and assignment of responsibility.

Data Protection Officer (DPO) Public authorities and businesses processing personal data as part of their core activities or on a large scale are to have a DPO.

Shared responsibility Data processors are subject to the same requirements as data controllers – even if the parties have entered into a data processing agreement.

Notification A duty to inform the relevant authorities within 72 hours in the event of security breach.

REMEMBER! Non-compliance may result in fines of up to 4% of the annual global turnover of the business in question.

Download our survey of the new requirements (in Danish): Is your business in compliance with the requirements of data protection law.

NJORD’s Personal Data Compliance Packet

NJORD offers you a Personal Data Compliance Packet in connection with your efforts to comply with the data protection rules. The packet contains legal services ensuring that your business operates in accordance with legislation and is prepared for the moment when the Data Protection Regulation comes into force.

Step 1 – Data Flow Analysis

  • We offer you a process approach, where we will go through all systems as part of the process.
  • We will review your data flows and carry out a legal analysis of all the elements of data processing, including consent, storage, administration, etc. in close collaboration with you by means of questionnaires and interviews as required.
  • Subsequently, we will provide you with a report with the results of the analysis and recommendations for initiatives ensuring compliance.

Step 2 – Internal guidelines and procedures

  • We will draw up practical guidelines and directions for in-company use in order to satisfy the requirement of the Data Protection Regulation for self-auditing (the principle of responsibility).
  • We will adapt the guidelines to your business based on the Data Flow Analysis.

Finally, we will issue a validation certificate documenting that your business is compliant.

Would you like to know more?

You are welcome to contact Attorney and Partner Malene Fagerberg by e-mail mfr@njordlaw.com or by telephone +45 77 40 11 50 for an informal discussion of the specific needs of your business and get an offer at a fixed competitive price.

Latest news

Restructuring is not bankruptcy!

Often businesses think that restructuring equals bankruptcy, but that is not even remotely true. Restructuring is not the same as bankruptcy! If the purpose of bankruptcy proceedings is to liquidate the business, then the goal of restructuring is preserving it.

NJORD Estonia gives advice: Submit your restructuring application on time

For a successful restructuring, it’s extremely important to submit the restructuring application on time. There is no point in starting the restructuring proceedings at the last minute if the business has already used up all the resources necessary for a successful restructuring proceeding. According to legal literature, the main cause for a failed restructuring is […]

NJORD Estonia explains: Restructuring – what is it?

The Reorganisation Act defines restructuring (legal term reorganisation) as follows: “The reorganisation of an enterprise means the application of a set of measures in order for an enterprise to overcome economic difficulties, to restore its liquidity, improve its profitability and ensure its sustainable management.” Not the worst definition, but still might be quite confusing.

Get the latest legal news

We gladly share our knowledge with you. Subscribe to our newsletters.

Subscribe here