International companies are facing an uphill battle to ensure they are compliant with the forthcoming EU General Data Protection Regulation (GDPR).

Companies subject to GDPR need to be compliant by May 25th, 2018 to avoid fines up to 4% of the global annual turnover or 20 million Euros.

This law is not only relevant for European companies – it applies to any company that has customers within the EU, regardless of where you are based.

eco can provide the expert know-how that you need to ensure your processes are compliant and keep them that way, to train your staff, and to react effectively to security incidents.

eco can also act as the EU Representative for non-European companies that are required by law to appoint one.

• Guidance to establish existing level of data protection in the company, from the perspective of processes, technical structure and data security
• Risk assessment and prioritization of action to be taken
• Drafting of the legally required record of processing activities
• Establishing the Data Security Management System, including processes to ensure continued compliance