AASAP AND CO - GDPR

GDPR: do not be late!

The General Data Protection Regulation reaches maturity in 2020.

  • GDPR has become a priority for European governments. No one can play with the personal data of European citizens anymore.
  • To make sure your process is correct, I recommend a few simple and effective pieces of advice.

To begin with, here are 10 questions or common ideas you may have, with clear answers:

  1. GDPR, what is that?
     It is a European law, adopted in 2018, which guarantees European customers proper use of their personal data.

  2. Personal data, what is that?
     Personal data is any data that can help identify a human being.

  3. Why make a regulation?
     Up to now, developers could do whatever they wanted and collect as much data as they wanted about web customers. But on several occasions, personal data was used and sold, and became a very lucrative business, at the expense of customers and without any consent. If those developers had taken security seriously, that would not have been a problem. The new rules in Europe are a reminder that personal data is the property of customers and is not supposed to be sold without their agreement.

  4. Cookies, what is that?
     It is almost like a poison: they are little pieces of code meant to collect data from those who go from one website to another. We have reached such a point that some websites just cannot work. That will be illegal soon in France. What would you say if a merchant forbade you to come into his shop unless you provided him with your name, address and email? I am sure you would sue him, and you would be right. Cookies are the same: you simply cannot read content if you do not agree to give your identity, email and so on. Do you find that fair? GDPR aims to regulate this, for the safety of customers. As from 2020, all cookies and tracking methods in websites as well as in mobile applications will be illegal.

  5. I just need to collect the agreement of customers, then?
     It is not that easy. You have to collect agreement, and you have to implement a way to disagree at any time the customer needs it. There are a few rules for using data the correct way.

  6. GDPR, but that's only for GAFAs?
     No, GDPR in Europe applies to all trading companies, and you can see on the CNIL's web pages the fines that have been given. Some French start-ups were seriously inconvenienced and had to stop for several months before they could start their business again: they were the first ones to be sanctioned.

  7. CNIL, what is that?
     CNIL is the French organisation which helps enforce GDPR in France. Until now, it was just a collecting administration to which you had to provide information about your databases and so on. But now it is the official body that issues sanctions for breaches of personal data security and enforces companies' compliance with GDPR. For instance, one of the biggest fines amounts to 50 million euros.

  8. It is not a concern for me, see, I have no website!
     Any company collecting data and organising it in databases is concerned.

  9. GDPR? Give me a break, it is not that urgent!
     For the last two years, CNIL has given companies a lot of information so that they can be compliant with GDPR. 2020 is the age of maturity for this law, and all companies, associations or governments are concerned.

  10. DPO, what is that?
      The Data Protection Officer is the person who looks after and monitors compliance with GDPR within a company or a big organisation. He/she may be independent (as I am, for instance). There are no certifications or diplomas for this job; it is a new job.

GDPR: compliance offer

Theme Price*
*VAT excluded
Diagnosis and synthesis 1500€
Compliance As from diagnosis, on quotation
Records on quotation
Workshop on GDPR for staff 250€ for 10 persons
DPO per year on quotation
Contact for a quotation.