GDPR process descriptions for consumer rights
Upon the introduction of new GDPR legislation on 25 May 2018, consumers will enjoy new rights with respect to the use of their personal data. In response to requests made by consumers to exercise these rights, the relevant processes have to be set up and documented.
Given that the employees and the management had many questions about the new legislation, it was important to ensure they didn’t stall in their efforts to comply with it. Wherever this seemed likely to happen, I ensured that at least a basic framework was in place, thanks to the use of examples and proposals. Details could then be filled in more easily at a later stage.
As was previously agreed, by the end of the assignment we delivered all new process descriptions, which were then documented in the client’s business processes modelling tool. Thanks to these documented process descriptions, the client is now in a position to deal with incoming requests about privacy. The coordination desk has been set up and is ready to process incoming requests as soon as they start arriving. The client, meanwhile, can comply fully with this part of the GDPR.