GDPR

The General Data Protection Regulation (GDPR) is an European law designed to strengthen the data rights of the residents of the European Union (EU) and harmonizes the data protection laws across all member states. Making it identical in this way and bringing more transparency to the people about what data organizations collect and what purposes they use it for.

Personal data

Fundamentally, data plays a important role in almost all aspects of our lives. Your name, (email)address, credit card number and more are collected, analyzed or stored by organizations. Under the new GDPR terms, organizations will have to ensure that all these personal data is gathered legally and under strict conditions and that those who collect and manage the data are obliged to protect it from misuse and exploitation.

Controllers and processors

According to the GDPR organizations need to understand the difference between data controllers and data processors. The data controller determines the purposes for which and the means by which personal data is processed and therefore decides ‘why’ and ‘how’ the personal data should be processed. The data processor is normally a third external party and processes personal data on behalf of the controller. The duties of the processor towards the controller should be specified in a contract: the so called data processing agreement.

Data breach

The GDPR introduces the requirement for a personal data breach to be notified to the national supervisory authority. Although you may have taken every step necessary to minimalize risk, breaches are unfortunately never hundred percent preventable. Controllers and processors are therefore encouraged to plan ahead to be able to detect and immediately end a breach and to determine whether it is necessary to notify the competent supervisory authority and the individuals involved.

Fines

Failure to comply with the requirements of the GDPR can lead to high fines. To prevent that from happening Kiwa can help organizations in information and privacy security, with assessments, audits and certifications.

GDPR Services

  • ISO 13485:2016 is the medical device industry's quality management system (QMS) standard. The scheme specifies the requirements for a quality management system for medical devices.
    Show
  • ISO 50001 Energy Management system certification with Kiwa: conserve resources, save money and mitigate climate change.
    Show
  • ISO 22716 Cosmetics - Good Manufacturing Practices with Kiwa: Regulations for systematic and organisational product safety and quality control to be followed throughout the manufacture of cosmetics
    Show
  • The MSC traceability standard is a globally recognised environmental certification scheme that allows you to market MSC certified fish and shellfish. The blue MSC label shows that fish have been caught in a way that creates healthy oceans and secures seafood supplies for the future - something that is important to your customers.
    Show
  • ISO 22301 Business continuity management system with Kiwa: Prepare for disaster, disaster, and accident-related business disruptions.
    Show
  • Kiwa's ISO/SAE 21434 Road Vehicles Cybersecurity Certification: A standard for protecting vehicles, computer networks (both local and shared) from external threats.
    Show
  • KRAV certification with Kiwa: prove the organic origin of your products, meet customer demands and sell in the Swedish market.
    Show
  • ISO 45001 is a tool to systematically fulfill the legal obligation for employers to ensure the health and safety of employees and to pursue a policy aimed at achieving the best possible working conditions.
    Show
  • IATF 16949 certification with Kiwa: improve your processes, protect your reputation and enter the global automotive supply chain.
    Show
  • GLOBALG.A.P. certification with Kiwa: reduce your food safety risks, increase your transparency and support sustainable agriculture to meet customer demands.
    Show