Data Privacy Consulting
GDPR
Came into enforcement in May 2018 General Data Protection Regulation (GDPR) is the new data protection regulation that changes the way businesses and organizations handle personal information.
Today’s rapid technological changes are resulting in the large-scale creation, usage, storage, and distribution of digital information. The old models of data handling frameworks are not sufficient to meet the challenges and trends of globalization and technology advancement.
Hence, organizations that transfer their personal data outside of the European Union (EU) must adhere to the GDPR data transfer guidelines. GDPR provides numerous opportunities and benefits. It increases the organization’s obligations and investments made to be GDPR compliant.
The penalties for organizations that fail to comply with GDPR requirements can reach up to € 10 million or 2% of an organization’s annual turnover, whichever is greater.
ARC Tech’s adept professionals are certified in ISO 27001 BS 10012 and ISO 27701. They provide comprehensive consulting services to the client and help them become GDPR compliant.
CCPA and other Data Privacy Act
CCPA is a crucial data privacy law passed by the state of California in 2019 to give more control to consumers on their personal information. This law came into effect on January 01, 2020 and gives the residents of California all rights to control the type of information that companies obtain from them and how it is used. CCPA provides new tools to the residents to shield their personal information and saddles businesses with great responsibility.
According to the American Bar Association (ABA), CCPA is one of the most comprehensive privacy legislations to be enacted in the US. This new legislation enables the residents of California to demand companies to list down the information obtained on them. The residents also have the possibility of requesting a copy of that information.
SEC. 3. Title 1.81.5 (commencing with Section 1798.100) is added to Part 4 of Division 3 of the Civil Code.
Companies may need to delete their consumer data upon request. A company is forbidden to sell consumer data when a customer clicks on the “do not sell” button on the company’s website.
Whether or not a customer exercises their right does not result in getting a different treatment from a company in terms of services and prices. Companies are not allowed to treat their users differently based on their data disclosure choices.
What We Actually Do
Certified Data Protection Officer:
Our Certified Data Protection Officer helps you become compliant with CCPA
Performing Gap Analysis:
We analyze the maturity of the organization against GDPR articles and CCPA titles.
Meeting the Gap:
Certified Data Protection Officer (CDPO) from ARC Tech formulates necessary policies and procedures and guides you to meet the gaps.
DPIA:
ARC Tech helps your organization perform Data Protection Impact Analysis (DPIA) using proprietary tools. Our consultants study the client’s application and define data and process models. This helps to identify the impacted data elements and processes.
Risk Analysis:
We at ARC Tech assess the risks that could arise from the gap in compliance and help you mitigate the risk using 1st Privacy.
Cooperate with Supervisory Authorities:
In the final step, ARC Tech, in partnership with PECB, gets our client certified in ISO 27001/ 27701. https://pecb.com/en/education-and-certification-for-individuals/gdpr
