Ta strona korzysta z ciasteczek, dowiedz się więcej

Masz pytania ?

Infolinia RBDO

 

Jeśli mają Państwo pytania dotyczące oferty zapraszamy na infolinię, pon.- pt. w godz. 9 -17, tel.: 22 487 86 70 lub   +48 724 570 436 

Dział Sprzedaży:
biuro@rbdo.pl
Dział Prawny:
faq@rbdo.pl

Biuro obsługi RBDO
Legis Profile Sp. z o.o.
ul. Kopalniana 22a/7
01-321 Warszawa

NIP: 522-302-50-86
KRS: 0000549436

Promocje

  • PAKIET RODO (DOSTĘP + CD): KOMPLEKSOWA DOKUMENTACJA RODO + E-SZKOLENIE Z CERTYFIKACJĄ 5 OSÓB - 69 zł + 23% VAT Promocja! Nowość! PAKIET RODO (DOSTĘP + CD): KOMPLEKSOWA DOKUMENTACJA RODO +... 69.00 PLN 399.00 PLN

    Ocena Klientów: 0 Przeczytaj 15 opinii

    Promocja do: 2019-10-18

    Przedmiotem zamówienia jest PAKIET DOKUMENTACJI  RODO + E-SZKOLENIE RODO Z CERTYFIKACJĄ DLA 5 OSÓB  - jednorazowa opłata pozwoli  Państwu korzystać z bezpiecznych procedur RODO.

    W cenie pakietu - (1) Kompletna dokumentacja i procedury ochrony danych zgodne z  RODO  (z roczną aktualizacją i przykładami wdrożeń) + (2) E-SZKOLENIE OCHRONY DANYCH Z CERTYFIKACJĄ DLA 5 OSÓB + (3) Najnowsze materiały szkoleniowe + (4) Aplikacja DPOS  z dostępem do aktualizacji dokumentacji oraz rejestrami czynności przetwarzania NA 12 MIESIĘCY (5) Consulting  w zakresie wdrożenia procedur - w cenie pakietu

    Jest to kompleksowy pakiet materiałów ze wsparciem prawnym, ukierunkowany na wdrożenie nowych procedur ochrony danych UE (RODO) w przedsiębiorstwie lub jednostce organizacyjnej.



    Zobacz więcej

Complete GDPR documentation witch risk assessment procedure - 149 PLN - (39 USD)

Poprzednia cena: 499.00 PLN

Aktualna cena netto: 149.00 PLN (-70.14%)


BUY NOW!  NOVELTY! An international package of the EU GDPR procedures that meet the highest standards of the guidelines of the EU Commission on the GDPR, the Article 29 Working Party (as of 25 May 2018 transformed into the European Data Protection Board), the standards of the European Union Agency for Network and Information Security (ENISA), PN-ISO/IEC 27005, PN-ISO/IEC 27002 and the European supervisory bodies!

Now for only 39 USD you can get a ready-to-use package of the GDPR procedures for your company (below You can View a list of the GDPR Package and international bibliography).

The biggest worldwide corporations use our procedures!

 

  • Buy now GDPR procedures  (Click BUY NOW and fill the Billing Details or order by email biuro@rbdo.pl  )
     
  • After paying by paypal or credit card, You will receive immediate access to the materials through the email provided by you ( access to all GDPR templates of documentation, procedures and methodologies at  https://dpos.eu.com/download/ )
     
  • You receive also access at the DATA PROTECTION OFFICER FORUM where you can ask questions to our expert and benefit from the insights of other users.



If you already have an outline of the GDPR documentation at your company – order our package to compare the individual elements!

Download an example part of Personal Data Security Policy >>


Download an example part of Breach procedure >>

Download an example part of of  risk assessment report for traditional documents >>

View a list of the GDPR Package elements here:

 

 

The documents saved as PDF and DOC files will be made available at www https://dpos.eu.com/download  as a set comprising the following:

Personal Data Security Policy

Appendix No. 1 – Model information resources inventory control

Appendix No. 2 – Model records of the concluded processing agreements

Appendix No. 3 – Model records of the processing activities

Appendix No. 3a – Model records of all the categories of processing activities

Appendix No. 4 – Model list of the processing area

Appendix No. 5 – Model balancing test

Appendix No. 6 – Model IT resources inventory control

Appendix No. 7 – Risk assessment methodology (General risk assessment)

Appendix No. 7a – Table I scenarios for traditional documents

Appendix No. 7b – Table II scenarios for traditional documents

Appendix No. 7c – Table III scenarios for electronic documents

Appendix No. 7d – Table IV scenarios for electronic documents

Appendix No. 7e – Model risk assessment report for traditional documents

Appendix No. 7f – Model risk assessment report for electronic documents

Appendix No. 8 – Information clause generation tool

Appendix No. 9 – Model document containing an abstract from the basic rules of personal data security and breach reporting

Appendix No. 10 – Model statement for authorised individuals

Appendix No. 11 – Model processing authorisation

Appendix No. 11a – Model records of the individuals holding processing authorisation

Appendix No. 12 – Model authorisation for the data protection plenipotentiary

Appendix No. 12a – Model authorisation for the ITSA (IT System Administrator)

Appendix No. 12b – Model authorisation for the data protection officer

Appendix No. 13 – General template of a processing agreement

Appendix No. 14 – Breach procedure

Appendix No. 14a – Breach report template

Appendix No. 14b – Model records of infringement

Appendix No. 15 – Monitoring and verification

 

RBDO documentation bibliography:
 
1.    Statement on the role of a risk-based approach in data protection legal frameworks adopted on 30 May 2014 WP 218 (Position of the Article 29 Working Party)
2.    Guidelines on Data Protection Impact Assessment (DPIA) and determining whether  processing is “likely to result in a high risk” for the purposes of Regulation 2016/679 Adopted on 4 April 2017 As last Revised and Adopted on 4 October 2017 WP 248 rev.01(Guidelines of the Article 29 Working Party)
3.    Guidelines on Personal data breach notification under Regulation 2016/679 Adopted on 3 October 2017 WP 250 (Guidelines of the Article 29 Working Party)
4.    Recommendations for a methodology of the assessment of severity of personal data breaches (ENISA) December 20, 2013
5.    Privacy Impact Assessment (PIA) 1 : methodologyFrench Data Protection Authority (CNIL) February 2018 edition (Guidelines of the French supervisory authority)
6.    Privacy Impact Assessment (PIA) 2 : template French Data Protection Authority (CNIL) February 2018  edition (Guidelines of the French supervisory authority)
7.    Privacy Impact Assessment (PIA) 3 : knowledge bases French Data Protection Authority (CNIL) February 2018 edition  (Guidelines of the French supervisory authority)
8.    Privacy Impact Assessment (PIA) : application to connected objects French Data Protection Authority  (CNIL) February 2018 edition (Guidelines of the French supervisory authority)
9.    How to understand risk-based approach? GDPR Guide Risk-based approach. Part 1 GIODO December 2017 (Guidelines of the Polish supervisory authority)
10.    How to apply risk-based approach? GDPR Guide Risk-based approach. Part 2 GIODO December 2017 (Guidelines of the Polish supervisory authority)
11.    PN-ISO/IEC 27005:2014-01 IT Technique -- Security Techniques -- Risk management in information security
12.    PN-ISO/IEC 27002:2014-12 IT Technique -- Security Techniques -- Practical information security rules (PN-EN ISO/IEC 27002:2017-06)

--

Entrepreneur! Have you heard of the GDPR? It is not only applicable to companies within the EU. If you process the personal data of EU citizens, you are automatically subject to the European personal data protection law. 


- Do you have a company outside the territory of the European Economic Area (EEA) and do business with persons located within the EU? YOU ARE SUBJECT TO THE GDPR!

- Do you have a company outside the EEA and a subsidiary company in the territory of the EU which provides you with the data of its employees or customers? YOU ARE SUBJECT TO THE GDPR!

See how simple it is to adhere to the new European law on personal data protection for only 99 EUR.



Article 3 of the GDPR

Territorial scope:


1. This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.


2. This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:

(a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or

(b) the monitoring of their behaviour as far as their behaviour takes place within the Union.


3. This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.


----


EU GDPR DOCUMENTATION PACKAGE 2018

A complete set of data processing documentation in accordance with the GDPR for the undertakings operating in the EU and other entities.

 

The GDPR is also applicable to companies seated outside the EU if their business consists in offering commodities or services to the people located in the territory of the EU – pursuant to point (a) of Article 3(2) of the GDPR.

This is a comprehensive package of documents aimed at the implementation of new EU data protection procedures related to the adoption of the GDPR – in particular risk assessment methodology, classification of data security infringements, performance of information obligations and keeping records of personal data processing activities. 
 

Complete EU GDPR documentation and procedures
 

  • All the elements of the GDPR documentation are based on the guidelines of the Article 29 Working Party (transformed into the European Data Protection Board as of 25 May 2018), ENISA recommendations and (to a limited extent) ISO standards and recommendations and guidelines of the European supervisory bodies responsible for the protection of personal data.
     
  • By buying the EU GDPR Package you can implement the prepared procedures within one entity.

 

A DETAILED DESCRIPTION OF THE ELEMENTS CONSTITUTING THE EU GDPR 2019


1. DATA SECURITY POLICY COMPLIANT WITH THE EU GDPR 2019 – CHAPTERS



I. INVENTORY CONTROL OF INFORMATION RESOURCES

II. INVENTORY CONTROL OF IT RESOURCES

III. RISK ASSESSMENT AND SELECTION OF SAFEGUARDS

IV. IMPLEMENTATION OF INFORMATION REQUIREMENTS

V. READINESS TO FULFIL THE RIGHTS OF DATA SUBJECTS

VI. GRANTING AUTHORISATION TO PROCESS PERSONAL DATA

VII. PERSONAL DATA PROCESSING OUTSOURCING

VIII. PERSONAL DATA BREACH

IX. MONITORING AND VERIFICATION

--

THE DUTIES RELATED TO THE PERSONAL DATA PROTECTION PROVISIONS

 

WHICH ELEMENTS OF THE GDPR IMPLEMENTATION MUST BE COMPLETED? 

1.  Perform INVENTORY CONTROL of information and IT resources of the entity in all the sections – based on the information collected, perform a RISK ASSESSMENT, fill in a RECORD OF PROCESSING ACTIVITIES, define LEGAL BASES AND execute INFORMATION REQUIREMENTS.


2.  Perform a risk assessment with regard to information resources – and based on this decision on the selection of specific safeguards – both in respect of IT and physical security.


3. Adopt an infringement procedure and keep official records of infringements as of 25 May 2018 consisting in the documentation of infringements or reporting them to the supervisory authority within 72 h – no records of infringements.


4.  Analyse the need for a data protection officer (DPO) appointment – applicable to all the public entities and to the private entities if their main business activity consists in regular and systematic monitoring of natural persons on a large scale, and in the case of sensitive data, in order to determine the need for a DPO appointment, it is sufficient that the criterion of the main activity consisting in data processing on a large scale is met.


5. Update personal data processing outsourcing agreements with the entities to which data is delivered pursuant to the new GDPR procedures which require control of the entity to which data is outsourced.


6. Apply the relevant legal basis, data processing clauses and perfom the information requirementcompliant with the legal requirements of the GDPR and accompanying laws.

 

7. Data protection training and awareness – the persons authorised to perform personal data processing must be made familiar with the adopted procedures and must undertake to comply with them.


8. Monitoring and verification of the adopted procedures – non-compliance with the adopted procedures may constitute an intentional guilt which, if the entity is inflicted a fine, may eventually lead to a financial recourse to the persons responsible for negligence.

 

 

Bezpłatna dostawa
0.00 PLN

Aby dodać opinię musisz być zalogowany. Zaloguj się

RODO obowiązuje już od:

Przygotuj się z naszymi materiałami.
Zabezpiecz firmę przed kontrolą już teraz!


Zaufali nam m.in.


Modyfikacja: rbdo.pl