GDPR – Audit
Virtually all personal data processing organizations are subject to the General Data Protection Regulation (GDPR).
An organization can be a controller or a processor of personal data, often both at the same time.
The scope is extended to the whole European Union.
It also applies to third country controllers and processors who process personal data of EU citizens.
The requirements of the GDPR are further supplemented and specified by the Czech Adaptation Act No. 110/2019 Coll., On the processing of personal data.
EZÚ offers you to independently and impartially verify compliance with one of the 7 basic principles of GDPR – Responsibility in the form of an audit.
The Responsibility of the personal data processing organizations is to fulfil the basic principles of the GDPR and all related requirements.
The audit criteria are the individual requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC protection of personal data), which entered into force on 25 May 2018.
Other requirements are selected sections of the Czech Act No. 110/2019 Coll., On the processing of personal data.
Why choose EZÚ
- We are a state-owned enterprise with a long history and the status of a trusted and qualified certification authority.
- Our auditors are top experts who participate in the creation of laws, standards and certification schemes.
- We place great emphasis on the independence and impartiality of our auditors and the quality of the resulting outputs.
- Thanks to a strong background, we have the opportunity to offer a great ratio between quality and audit price
Reasons for certification
- Control of compliance with legal obligations
- Opportunity to keep order and overview in company data
- Introduction of systematic access to personal data, their processing and storage
- Reducing risks in the area of personal data retention
- Implement corporate strategies for handling personal data