Information technology and large-scale digital data processing introduce additional (privacy) risks, inherent in the use of this technology. These need not be directly visible at the level of end use.
In the end use you can think of the risks of metadata. Metadata are personal data generated by systems about digital behaviour as a result of the use of these systems. The use of internet technology simply implies that the technical means provide information about IP addresses, website visits, search behaviour, who is in contact with whom or with someone’s location. With this data, personal preferences and situations can be derived and profiles can be created.
Devices can now also be connected to the internet and reveal a lot of information about individuals. Think of smartphones, web cameras, thermostats, smart meters, garage doors or lighting. All these devices (The Internet of Things) generate personal data that can be used for profiling and introduce privacy risks. The GDPR explicitly points out the risks involved and prescribes mandatory technical measures to combat these risks.
Our working method is based on universal privacy principles and risks. We ask you the following questions:
- How do you process personal data?
- Do you have a legitimate interest in processing personal data?
- What security measures have you taken to protect the personal data?
- Who has access to the personal data?
- Are personal data not kept longer than strictly necessary?
- Can data subjects exercise their rights to delete or view personal data?
Based on these findings, you will receive appropriate advice from us, taking into account the size and capabilities of your organisation. The assignment is drawn up in collaboration with you and the depth of the research can therefore be filled in as desired.
Mazars can help you with
Mazars' IT and privacy specialists have extensive experience in performing Data Protection Impact Assessments (DPIA), GAP analyses, AVG / GDPR compliance assessments, Wbn and regulatory requirements (such as the Dutch Data Protection Authority, Telecom Agency, competition authorities and the Nederlandsche Bank).
Want to know more?
Do you want to know more? Please contact Niels Verhagen by e-mail or by telephone: +31 (0)88 277 12 13 or with Jan Matto by e-mail or by telephone: +31 (0)88 277 13 99. They will gladly help you.