
GDPR Compliance

Your trusted partner in privacy and data protection compliance.


VeraSafe is your Dedicated Team of GDPR Compliance Experts

 

The General Data Protection Regulation (“GDPR”) is the European Union’s comprehensive privacy law, which likely applies to your organization, even if you have no physical or legal presence in the EU.

VeraSafe’s GDPR compliance engagements pair in-house U.S. and European attorneys with technologists and project managers, making your GDPR consulting team uniquely cross-functional. In contrast to large law firms, VeraSafe doesn’t shy away from the complex intersection of IT and law.

Key activities include:

  • Data Mapping and Discovery


    VeraSafe guides you through a discovery exercise to develop your records of data processing (as required by Article 30 GDPR). The resulting documentation becomes an essential information resource throughout your initial GDPR compliance project, and beyond.

  • Notice and Consent


    VeraSafe will review your organization’s privacy policy and propose improvements to the existing privacy policy, or draft a new one, as necessary, to comply with the GDPR. If consent is the most appropriate legal basis for certain data processing operations in your organization, we will analyze your organization’s current data collection points and recommend ways to implement consent management, or improve the quality of the consent acquired, with respect to the requirements of Article 7 of the GDPR.

  • Privacy Rights

    VeraSafe will analyze each information system within the scope of your exposure to the GDPR and identify cases where data subject rights (right to be forgotten, right to access, correct, update one’s personal data, right to restrict processing, etc.) are not supported. Our team will help you score or rank all compliance gaps and develop real-world solutions to close critical compliance risks.

  • Vendor Risk Management


    The GDPR includes specific obligations that you must pass down to any service organization you engage to process personal data on your behalf. VeraSafe has a mature methodology, including an internal knowledge base covering our approach to successfully negotiating GDPR-compliant data processing addenda with common service providers. Additionally, we help you assess vendor compliance by analyzing their third-party audit reports, or vendor security questionnaires.

  • Library of SOP Templates


    VeraSafe has painstakingly developed a library of data protection-related standard operating procedure templates that can be easily customized to fit your particular circumstances. We also refine your existing procedures to help ensure your operations comply with applicable privacy and cybersecurity laws.

  • Data Protection Impact Assessment (“DPIA”)

    In certain cases, a data protection impact assessment must be performed before starting new data processing initiatives under the GDPR. VeraSafe offers complete assistance and impartial advice on your DPIA, in addition to a DPIA template and documented DPIA procedure template for you to use in conducting your own DPIAs.

  • Privacy Training for Staff

    VeraSafe provides our proprietary all-in-one privacy and security training program: PrivacyTrain. This integrated Learning Management System includes popular computer-based training content, which can be applied across your entire organization. Detailed reporting helps you document and demonstrate compliance.

  • Data Protection Officer and EU Data Protection Representative Service

 Facilitate Change

  Reduce Costs

  Focus On Results

Top Project Management Methodology

Our proprietary project management methodology ensures that we are able to meet tight deadlines and accommodate aggressive timelines. Your VeraSafe project team will include a qualified project manager who is responsible for managing the overall pace, organization, and efficiency of your compliance project. The project manager has the ability to draw on the resources and expertise of the entire VeraSafe team, when needed, to accelerate the completion of deliverables.

 

Experienced Team

Our more than 50 team members include American and European attorneys, compliance professionals, and IT security experts with in-depth knowledge of the GDPR. Our ranks include former regulators and Vault Law 100 attorneys, Certified Information Privacy Professionals (CIPP), Certified Information Systems Auditors (CISA), and alumni of Big 4 professional service firms.

Jim Cormier, Partner

Jim Cormier
Sr. VP and Head of Professional Services
CIPP/E, CIPM, FIP


Zia Maharaj
Partner
CIPP/E, CIPP/US, CIPM, GCP for Clinical Trials (ICH Focus)


Kellie du Preez
Partner
CIPP/E


Isabel Fernández Del Campo Aguiló
Senior Privacy Counsel
CIPP/E, CIPP/US, CIPM, CIPT