Understanding GDPR


What are the main challenges and advantages associated with GDPR?

  • Compliance with the GDPR is a legal requirement
  • Compliance with the GDPR makes your prospects, customers, users, administrators and members happy
  • Your teams appreciate your compliance with the privacy regulations
  • Your Brand’s image is improved and enhanced by this compliance

What benefits does Smart GDPR® bring to your organization?

  • Improving your overall IT security through risk assessment
  • Compliance schedules
  • Reducing your legal and financial risks with a well-equipped DPO
  • Optimizing your data assets and making them more valuable by identifying relevant processing activities
  • Creation and daily update of the registers
  • Synergy and collaboration between teams involved in compliance process

What does Smart GDPR® bring to me?

Smart GDPR® helps you to meet your obligations:

  • Establishing a data protection policy
  • Putting in place internal mechanisms and procedures
  • Becoming compliant
  • Staying continuously compliant
  • Performing impact assessments
  • Having appropriate documentation
  • Tracing your processes.

What is the role of the DPO Lawyer (Data Protection Officer)?

The Lawyer performing the function of a DPO will:

  • audit your GDPR compliance
  • provide you with the certification of any document needed in case of control by the Data Protection Authority
  • provide you with any personalized advice relating to your GDPR compliance

What are the main steps I have to take in order to become GDPR compliant?

  • Appoint a DPO
  • Identify data processing
  • Audit data processing
  • Perform Impact Analysis
  • Create a schedule to become compliant
  • Implement your compliance plan
  • Formulate a compliance policy
  • Train and inform your teams
  • Implement GDPR-compliant processes through all the departments

Implementation of strong technical and operational measures to ensure the security and confidentiality of data.

What is your experience in dealing with privacy, data protection and information security?

Our team has worked with privacy, data protection and information security from the beginning of the internet industry in France.

How many years have you been involved in IS audit, IT infrastructure, data management, risk management and IT programming?

Our founders have, in total, more than 40 years of experience in these domains.

Which professional associations related to data protection do you belong to?

Smart GDPR® is a member of the AFCDP.

What is your international experience?

European Union and Switzerland, USA, Canada, Mexico, China and Japan.

Will smart GDPR ® be resident of an EU Member State for the duration of the contract?


How do you stay informed about the new trends in technology and the changes in regulations?

The Smart GDPR® is constantly monitoring the developments and making changes to its Legal Library available to users.

What experience and what obligations do you have to maintain confidentiality?

Privacy by design.

In what areas did you teach?

We are and have been speakers at many conferences organized by professional associations’ and exhibitions’ organizers.


What relationship do you have with the local regulatory authority?

We are registered within the authority and carefully follow all the regulations.

How do you meet your potential exposure to legal liability for this role?

Our activity is covered by a civil liability insurance.

How will you keep us informed of your activities and within what frequency?

You will be informed in real time by the interface of Smart GDPR®.

You can set up the frequency of additional reports according to your preferences.


What are examples of data processing?

Managing a customer’s/supplier’s file

Managing an employee’s file

Management and sending of the payment stubs

Management of prospects’ files whenever something is bought/rented/exchanged

Billing and regulations management

Database storage

Storage as files (Excel, text, csv, …)

Storage in paper forms (invoices, pay slips, etc.)

Website/Extranet for clients or suppliers

Server Logs

Management integrated software, professional and business software

Access to premises (badges, system for recording attendance etc.)

Note: each of the above examples can count as multiple processing