GDPR for Japanese Companies
EU and Japan are more connected than ever. Make your company ready for the largest Digital Single Market.
GDPR impact on Japanese companies
Following the full implementation of the EU Regulation “GDPR”, many Japanese organizations need to comply with the new legislation. In particular, GDPR states that every company that offers goods or services to data subjects in the EU or monitors their behavior as far as their behavior takes place within the Union, has to comply with the GDPR (even if the company is not established in the EU).
EU-JAPAN ADEQUACY DECISION
After the adoption of the adequacy decision by European Commission, the effective protection of personal data has become more and more important for Japanese companies.
The 25th of May of 2018 the General Data Protection Regulation (GDPR) came into effect. The objective of ARGO is to identify non-conformities both in IT systems and company organizational processes in order to address and deal with all the problems detected.
GDPR fines for non-compliance can be up to €20 million or 4% of annual turnover for serious violations.
4 THINGS YOUR COMPANY NEEDS
(CLIENTS, SUPPLIERS, CONSULTANTS, WEBSITE USERS, ETC.)
DATA PROCESSING AGREEMENTS (Data Processors) AND APPOINTMENT LETTERS
(DPO, Persons acting under the authority of the Data Controller)
RECORDS OF PROCESSING ACTIVITIES
RISK ANALYSIS AND SECURITY OF PROCESSING
– Analysis of the data processing performed by the organization;
– Drafting of privacy notices;
– Data Processor compliance verification;
– Drafting of Data Processing Agreements for Data Processors;
– Training and drafting of appointment letters for client’s staff.
– IT security audit;
– Websites and APP compliance with GDPR;
– IT security measures;
– Data Processing Impact Assessment (DPIA);
– Procedures aimed to reduce the risk of Data Breach.