GDPR for Dummies — Vol. 4

GDPR. Christmas is finally here as we have taken upon us to read 88 pages of lawyer nonsense and provide you with some of the basic information you need to be prepared for when The General Data Protection Regulation enforces. During the last three weeks, we have published an advent calendar of GDPR-related articles. We hope you enjoyed them — this is the last one. You can read the first, the second and the third here, here and here.

Step #4 — The Great GDPR Surprise!

Why do we bother reading so many pages of humdrum EU-law? Why publish something as deadpan tedious as a GDPR-calendar for Christmas? What is in it for Contractbook, you think? Your sleepless nights of frustrations are now over as we are ready to answer all your questions.

Oscar Wilde once wrote that “true friends stab you in the front”. Charming man. As it is Christmas, we will come clean and tell you how exactly Contractbook can be a useful GDPR-tool for small and medium-sized companies that do not have data processing as their core activity. Here we go!

The Contractbook Solution

Organized archives are fundamental in the process of becoming GDRP-compliant. One of the main principles of GDPR is that you have to be able to document and prove your compliance. If you are able to show that you have thought your data processing through and taken all possible measures, you will be in a much better legal position in case of a breach. It is practically impossible to prove your good intentions if your data processing is not handled in an organized way. You should do everything in your power to banish all kinds of coincidence.

Contractbook facilitates exactly such an organized archive that provides you with a navigable setup and a grand overview of your legal documents. You can import all your old documents and store them with the new ones so that everything is kept in one place.

As we explained in our previous blogs, GDPR encourages data minimization. You should only hold and process necessary data with a clear purpose. Furthermore, this data should only be accessible to the fewest possible persons, and only if they use the data for a legitimate and pre-defined purpose.

First of all, our templates will be designed to strengthen privacy and acquire sufficient consent. They provide a useful framework for GDPR-compliant contracts. If you use them correctly, you will be less likely to acquire unnecessary data.

With Contractbook you can specify and control who handles what. Our Team Management Function enables the appointed team owner to monitor contract management in your organization and thereby ensure that only the chosen few have access to the personal data you process.

The GDPR introduces The Right to be Forgotten and The Right to Data Access (explained in Vol. 2). If your contracts are kept in unorganized email threads or endless shelves of binders, it will be practically impossible to act with decorum and at least prove that you do. Furthermore, with the new data-portability requirements, you have to be able to transmit the data you process in a machine-readable format: It has to be digitalized in one way or the other.

A Contractbook-setup is a perfect way to ensure you live up to those requirements. We will make sure that it is easy to erase all personal data when the contract has fulfilled its purpose.

The personal data is easy to access at any time and the data subjects can even do it themselves. One task less for you.

All personal data is stored digitally and you can easily download it in a machine-readable format. Data portability fixed.

GDPR Bonus

You need to form clear agreements with everyone processing or holding data on your behalf. We will make sure to have templates for such agreements ready for you (free of charge of course).

You will not become completely GDPR-compliant just be reading this blog. This regulation is a paradigm shift in the way companies think data, and it will definitely strengthen the consumer’s data consciousness. We predict Dataethics to become a major tech-trend in the coming years and we will encourage to be more aware of your data management in general. One thing is to use the best solutions, another thing is to use it right. That will always be your responsibility.

We will, of course, help you to use Contractbook in the best possible way, and have any questions regarding the GDPR and Contractbook, feel free to contact us.

We hope you can take a little break during the holidays — with a clear consciousness and the true Christmas spirit maintained.

Have a compliant Christmas everyone!