Complying with the GDPR (General Data Protection Regulation), which was came into effect on 25th May 2018, is compulsory for any company which operates in Europe. The new regulation addresses the treatment of personal data and its free circulation.Checklist GDPRUpdate legal documents and carry out internal auditsThis will determine the needs of the company in order to adjust to GDPR.Request the certificate or permission to be able to process dataIf the current consent does not comply with the new regulations it will have to be requested again.Organize an information auditExplain to clients why their data is stored and update the data of employees.Develop a guidance document for the work teamEmployees must know what GDPR is and how it can affect the company, so they can carry out the necessary procedures.Have a data elimination systemThe company will have to arrange an efficient and effective system to erase the data requested or not necessary anymore.Prepare a crisis management strategyYou will have to establish a crisis management strategy for if its application is ever necessary.Report the complianceOnce the different channels (web page, social networks and various mediums) updated, the company needs to report its compliance with the regulation.Ask for permissionUsers interested in being part of the company´s database will have to accept the terms and conditions requested of them through the different channels.Pay attention to minors under 16 years oldThe minors under 16 years old will need permission from their parents or tutors.Assign the figure of the Data Protections Officer (DPO)The EU recommends the inclusion of the figure of the Data Protection Officer to ensure that what is established in GDPR is respected and complied with. It can be a question of having an external professional or an employee who assumes said functions.For further information regarding the compliance with GDPR, you can access to the AEPD web page or,
