The service covers the company's need to comply with the Data Protection Regulation and the Law (GDPR). The service is tailor-made for you who in a simple way need to maintain a high level of compliance without hiring a number of new specialized employees.
1 year after a compliance level of 100% has been established, the level does not exceed 50% if nothing has been done. That's our rule of thumb.
It may well be that the right framework for achieving compliance is correctly determined in the annual cycle, but as the system use, the general threat picture and the systems themselves change over time, for example risk assessments will become obsolete on an ongoing basis. Good compliance and security today is not necessarily good compliance and security tomorrow.
The service includes, among other things, updating your mapping, checking data processor agreements, updating privacy and deletion policies and performing GDPR risk assessments.
In addition, we perform the statutory supervision of the data processors on your behalf and submit an annual report to the management with a view to you being able to comply with your company law obligations in relation to risk management.
Before you can enter into an agreement on the service, we must either ensure the quality of existing documentation or help you through an implementation process, where we at least establish or expand a compliance organization with you, establish an annual cycle and help you choose the right IT support.
Please note that under this agreement we can also provide DPO function. Unitas is the DPO for a number of private companies and public institutions, and masters all the relevant conditions for performing this function.
How is the service delivered?
Unitas continuously maintains a high level of professional knowledge within the GDPR, what new guidelines, recommendations and judgments are published, and how they affect your company's GDPR.
Ongoing holder Unitas your documentation is updated, performs inspections, follows up on inspections, handles security breaches that entail a notification obligation, etc. Twice a year you receive a general update and annually you receive a GDPR compliance report to the management. All this without you having to fall over reminders in your own calendar in relation to bringing tasks and conscience to life.
The service is delivered in Danish or English.
Content of the service agreement
Excerpt from service description of the areas that Unitas takes care of under the service agreement.