GDPR Compliance

The General Data Protection Regulation (GDPR) is a comprehensive European Union law that took effect on May 25, 2018 and regulates data privacy and security. The GDPR unifies the EU's data protection laws under a single umbrella. Its objective is to protect the personal data and privacy rights of anyone who resides in an EU country or territory.

If you're an organization that collects, stores, or processes personal data on EU residents (regardless of location), you must comply with the GDPR. BitSpartan helps organizations become compliant with the GDPR by offering a range of information security and cybersecurity services that enable organizations to adhere to the GDPR privacy rights and data protection principles.

Who is required to comply with the GDPR?

Organizations that collect personal data of EU residents

Organizations that store personal data of EU residents

Organizations that transmit personal data of EU residents

Organizations that analyze personal data of EU residents

Our company specializes in cybersecurity. Put your trust in us to handle security compliance.

What is personal data?

Personal data is any information, or collection of pieces of information, that can be used to identify someone. The following are examples.

Name

Gender

Physical Address

IP Address

Eye Color

Location Data

Email Address

Political Affiliation

Ethnicity

The GDPR Principles and Rights

Principles

1. Lawfulness, fairness and transparency

2. Purpose limitation

3. Data minimisation

4. Accuracy

5. Storage limitation

6. Integrity and confidentiality (security)

7. Accountability

Rights

1. Right to Information

2. Right of Access

3. Right to Rectify

4. Right to Erasure

5. Right to Restriction of Processing

6. Right to Data Portability

7. Right to Object

8. Right to Avoid Automated Decision-Making

Basic U.S. Checklist

Conduct audit for EU personal data

Appoint a data protection officer

Inform customers of purpose

Designate a representative in the EU

Data protection impact assessment, remediation and improvement

Incident Response Plan

Make sure data processing agreements exist with vendors

Comply with cross-border transfer laws

Not all items are listed here, and not all are required. Our GDPR assessment will determine the requirements based on your business.

How we can help

If you are an organization that is just starting up or that needs a gap assessment done, we can help. BitSpartan helps organizations achieve GDPR compliance through advisory and information security services. With our GDPR readiness and gap assessments, we will snapshot your current security profile, evaluate it against GDPR requirements, make recommendations, and assist in developing a roadmap to ensure a continuous compliance cycle.

GDPR Services

Identify In-Scope Systems and Processes (i.e., personal data mapping, inventory)

Cyber Risk Assessments, Penetration Testing

GDPR Readiness and Gap Assessments

Our suite of services to maintain compliance

Gap Remediation

Our suite of services to achieve compliance

Ready for help?

We know what you're looking for and we know how to get you there. That's because, from a business perspective, we understand where you need to be. The majority of BitSpartan consultants transitioned from technical IT roles to management, where they provided governance, risk, and compliance expertise to top organizations in the private and public sectors. In the field, all consultants are either CISA, CGEIT, or CRISC certified, or are trained and supervised by these certified professionals. Our strong technical and IT governance background, blended with assurance expertise, makes our team of consultants one of the best in the industry.
