Africa
Data Privacy Group is a “one stop shop” for your regional and global data protection needs. Irrespective of your international jurisdiction, our global team serves you globally with local, regional and international data protection services. Our solution is complete, end-to-end, builds bridges between IT, legal and business, and adheres to best practices. We empower your organization to avert costly data breaches and reduce risks of non-compliance that could result in fines from the regulator and loss of trust of your customers.
Solution packages
We have designed a scalable Data Protection service “packages” within the African market that will suit start-ups, corporations, groups as well as international conglomerates, irrespective of the sphere of industry. Alternatively, we can provide you with a tailor-made roadmap, outsourcing, or privacy by design solutions.
The following packages are designed for companies that want to conform to the Protection of Personal Information Act (POPIA) of South Africa as one of the newest privacy standards in the region. These packages guarantee compliance with data privacy at the shortest possible time.
STARTUP
Startup package is our unique solution, applicable for a small and middle sized startups, which have to be GDPR compliant. All the basic steps to reach compliance shall be taken, including:
Developing the record of processing activities (RoPA) and determining legal grounds for processes.
Compiling a Privacy Notice and Internal Data Protection Policy.
Determining the roles in processing operations (controllers / joint controllers / processors / third parties).
Creating a cookie-banner and drafting a cookie-policy for the company’s website.
STANDARD
Basic level of compliance that includes:
Developing the documentation of all processing operations and determining legal grounds for processes.
Determining the roles in processing operations (responsible party or operator).
Compiling a Privacy Notice and Internal Data Protection Policy.
Staff awareness training.
Consultation where required.
GOLD
Medium level of compliance, including Basic package plus reviews and recommendations for improving processes involving personal data, and processing agreements. In question, Gold package includes:
Description of the processes in which personal data are involved with a list of recommendations and risk pre-assessments.
Drafting data processing agreements with counterparts.
Conducting Privacy by Design sessions.
Staff training on rules of personal data processing and information security requirements.
PLATINUM
High-level compliance, which includes Gold package services, plus product audit with detailed recommendations, customization of processes for handling data subject requests and data breaches, meeting transparency requirements. The peculiarities of this option are:
A comprehensive audit of the product and description of its data processing activities.
Ensuring compliance with the openness requirement by providing multiple forms of privacy notices and policies.
Implementing Cookie banner settings.
Conducting a vendor audit.
Assistance in implementing the processes of reporting data breaches and responding to data subjects’ requests.
