GDPR

GDPR came into force on 28th May 2018, and the meetings and events industry was be heavily impacted, due to the hight amount of processing of personal data within the industry. GDPR is not only about the rights event attendees / delegates, but reaches far within the organisation – it is a new way of thinking, that puts data privacy in front of mind.

Companies should be ‘GDPR Compliant’ by now or risk facing eye-watering fines – for many small and medium-sized businesses, a penalty for a data breach after May 2018 will probably cause them to go out of business.

Smartec Business solutions can provide a range of GDPR and data protection services with a specialisation in meetings and events, which gives invaluable context when considering a client's processes. All work is carried out by an accredited GDPR Practitioner whose details appear on the gasq.org database of accredited GDPR professionals.


GDPR Audit and Gap Analysis

For companies starting on their GDPR journey, or for those that have made a start, the following steps lead to 'Gap Analysis' report, which highlights the current state of the company and compares it with GDPR requirements.

  1. Start with an audit of all existing processes, policies, contracts and assets within the organisation.
  2. Carry out a detailed data mapping and ‘gap analysis’ of all processes that handle PII date. There is no easy way of doing this – it will often require input from different department or division heads.
  3. A report will summarise the current position of the organisation, and present a plan to become compliant with recommendations for priority areas.

Any remediation work required will be carried out, either internally by the organisation, or with the help of Smartec or other 3rd parties.

For more information, call Smartec on +44 (0)1784 289974 or email info@smartecbs.com

Pricing Options:

Smartec Business Solutions offers the following GDPR Compliance options for steps 1 to 3 above:

  • Option 1 – a 3 day package that consists of 2 day onsite, followed by 1 day of analysis (or the other way around, as necessary), resulting in a report and a compliance plan. This is charged at £1,990 + VAT, with all expenses additional
  • Option 2 – a 5 day package that consists of 3 day onsite, followed by 2 days of analysis (or the other way around, as necessary), resulting in a report and a compliance plan. This is charged at £2,990 + VAT, with all expenses additional

NOTE: Where branch or international offices are involved, additional days may be required.

Both options will require key personnel from all departments to be fully engaged and available for discussion. These include senior management and the heads of Operations, IT, Sales and Marketing, Finance, etc.

For more information, call Smartec on +44 (0)1784 289974 or email info@smartecbs.com

Virtual DPO

A DPO (Data Protection Officer) is mandatory for some companies but recommended for those that process large volumes of data, such as those in the event sector. A DPO is a data specialist who will provide the following services on behalf of the client:

● provide virtual advice and guidance on GDPR compliance

● review the client's current state of GDPR compliance, and any policies, procedures and documentation in place

● advise on data protection impact assessments (DPIA)

● provide advice and guidance on responding to data subject requests

● support the client with any training and awareness programs required

● monitor compliance with GDPR and advise on regulation changes

● conduct regular reviews

● cooperate with the supervisory authority and act as the client's contact point

For more information, call Smartec on +44 (0)1784 289974 or email info@smartecbs.com

Pricing Options:

Smartec Business Solutions offers a Virtual DPO service that is cost effective and scalable, depending on the changing needs of the client.

Option 1 - Virtual DPO for one day per month - £590 + VAT per month

Option 2 - Virtual DPO for two days per month - £990 + VAT per month

For more information, call Smartec on +44 (0)1784 289974 or email info@smartecbs.com

Representative Company

Where an organisation processes the data of, or offers goods and services, to EU citizens, it is required a appoint a representative within the EU if it does not have a branch or office in the EU. As the UK leaves the EU, those same companies may be required to appoint a representative in both the UK and a remaining EU country. Similarly, EU companies that offer goods and services, or monitor the behaviour of UK individuals may need to appoint a representative within the UK after Brexit.

Smartec can provide representative services for organisations that require a representative within the UK. This service includes:

  • To act as a point of contact for the company in the UK
  • Liaise with the Supervisory Authority (the ICO)
  • Respond to Subject Access Requests
  • Review your records of processing for individuals in the UK
  • Prepare an annual activity report

Benefits of the service:

  • Qualified GDPR Practitioners
  • Experience in international business
  • Cost-effective and scalable
  • Specialised for meetings and events, so provides invaluable context

Costs start at £100 + VAT per month.

For more information, call Smartec on +44 (0)1784 289974 or email info@smartecbs.com