You're about to create your best presentation ever

Gdpr Powerpoint Template

Create your presentation by reusing a template from our community or transition your PowerPoint deck into a visually compelling Prezi presentation.


Transcript: Encryption is a procedure that converts clear text into a hashed code using a key, as that the outgoing information can only become readable again by using the correct key. This reduces the abuse risk within a company, as access is limited only to authorized people with the right key. One must consider the state of the art, implementation costs and the type, scope, circumstances and purpose of the processing. As a rule, if one loses a mobile medium on which data are encrypted using state of the art methods need not be reported. The person involved must be given a true choice for the consent to be voluntary. The person impacted must, in all cases, be explained the ability to retract their consent. It can be executed in electronic form. There is an additional consent or agreement requirement from those with parental rights for those who are under the age of 16. Personal data are all information which is related to an identified or identifiable natural person. Identifiers can be a name, an identifying number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons. Subjective information such as opinions, judgements or estimates can be personal data. A person obtains this capacity with his birth, and loses it upon their death. Data protection does not apply to information about legal entities such as corporations, foundations and institutions. Companies must appoint an operational Data Protection Officer. Corporate groups can appoint a joint operating Data Protection Officer. A Data Protection Officer must provide some professional knowledge in data protection law and IT security which includes the complexity of data processing and the size of the company. A Data Protection Officer's duties include acting on the compliance to all relevant data protection regulations, monitoring specific processes, such as data protection impact assessments, employee awareness and training employees, as well as collaboration with authorities. Despite the monitoring function, the company itself remains responsible for compliance with data protection regulations. Prohibition with opt-in permission applies here for the processing of personal data. Email marketing is allowed without consent for existing customers if the company has a justified interest in ‘cold’ acquisition through email marketing. Secure third countries are those for which the European Commission has confirmed a suitable level of protection in a decision of appropriateness. The third countries are Andorra, Argentina, Canada (only commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay and USA (if the receiver belongs to the Privacy Shield). Data transfer to these countries is expressly permitted. For other countries, the processor must ensure in another way that the personal data will be sufficiently protected by the recipient. This can be assured using standard data protection clauses, for data transfers within a Group through “binding corporate rules”. Encryption Right of Access Data Protection Officer Personal data must be erased immediately as long as: The data are no longer needed for their original processing purpose, or The impacted person has withdrawn his consent and there is no other reason for justification, or The impacted person has objected and there is no preferential justified reason for the processing, or Erasure is required to fulfil a statutory obligation under the EU law or the right of the Member States. Third Countries The right of access includes processing purposes, processing category of personal data, categories of receivers, planned duration of storage, information about the rights of those impacted, the right to object to processing, information about the origin of the data etc. GOAL! Email Marketing GDPR Consent Right to be Forgotten Personal Data


Transcript: General Data Protection Regulation Guidance May 2018 GDPR requires data to be; processed lawfully, collected for specified and legitimate purposes, adequate, accurate, permits identification of subject for no longer than is necessary and processed in a secure manner. 1 2 72 hour deadline... Do we need a DPO? A Data Protection Officer can be appointed to lead and maintain GDPR complaince within your organisation. DPO duties: Advise organisation and staff on GDPR obligations Monitor compliance with GDPR Provide advice on impact assessments & monitor performance Act as the point of contact with the ICO – contact details should be published & communicated to ICO Failure to safeguard an individuals privacy! Failure to safeguard an individuals privacy or sharing personal data without permission will result in SIGNIFICANT FINES & ACTION. #GDPR Tour bus hits the road Raising awareness within your organisation is the first step to complioance. Staff should be aware of GDPR and grow their knowledge pertaining to how it impacts their function. Data can take several forms, typically it is information about other people or other organisations. Breaches are NOT just computer bound, they can occur: In conversation - in person or over the phone where consent has not been given (communications policy). Where information is written down on paper - then lost, stolen, shared or used without consent (all paper based data must be shredded or filed appropriately after use). Filed inappropriately in an unsecured environment and retained indefinitely without clear notification to the data subjects. Where data is left on a desk and observed by unauthorised personnel (clear desk policy) Where data is deposited to the wrong address internally/externally - human error How is data defined? Awareness and acceptance of DPO policies EU organisations are in the process of reviewing, rewriting and reissuing data protection guidelines to ensure complaince. Make yourself aware of their contents before May 2018. Training and awaremess sessions to all staff are essential. Video summary Video summary


Transcript: PERSONAL DATA BREACH What is Personal data Breach? A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. A data breach can be caused by either human handling error, a system error or of a malicious intent. An example: When we send an email with personal data to the wrong recipient Personal Data Breach is a very serious matter. We, at Customer Service, must not use the term “Personal Data Breach” when advising the customer. How to report and register a suspected Personal Data Breach? We can report and register any potential Data Breaches via a webform on Self-Service. 1st line: 1. Assess if it’s a potential breach of personal data. 2. Apologise to the customer and assure them that we will investigate the matter. 3. Escalate the matter to your local Back Office marking it clearly in the subject line that it is regarding a potential data breach. Please do not write down another customer’s data in the ticket/case/MOCS/email. PERSONAL DATA What is Personal Data? All kinds of information which can be directly or indirectly (including pseudonymized data) related to a person who is alive. Anonymized data that can no longer be connected to a specific customer is not considered personal data. What does "processing of personal data" mean? The term “processing of personal data” is broad. It covers everything we do with personal data; anything from collecting (in a data base or on paper) to storing and deleting it. Fore example: Storage, Collecting, Deletion and more. GDPR Traceable consent (such as a tickbox on a website) must be given by the customer for their personal data to be used in a specific activity. Keeping it simple - this is why we do not create accounts for customers over the phone. FACT! We as a company do not process any customer data that is seen as Sensitive Data, therefore, there should never be any mentioning in any record in any system about any of these, no matter the reason. Some examples: Religion, Race or ethnic origin, Sexual orientation and more. Fulfilment of Contract This legal ground is used when processing of personal data is necessary to be able to fulfil a contract with the customer. Example: H&M needs to process a customer’s name and address in order to ship an order which is placed at our online store. A fulfilment of a contract is also applied when signing up for a club membership. Balance of Interest H&M can also process personal data based on a legitimate interest, if such interest is proportionate and respects the customer’s integrity. Example: If a customer has registered an account with H&M Online shop, then we are allowed to profile the customer to personalize customer offers. Legal Obligation H&M is allowed to process personal data if it is specifically required in another legislation which is applicable to H&M. Example: H&M need to keep specific personal data from customer’s transactions for bookkeeping rules. Examples: • Name • Address • E-mail address • Telephone number • Username • Customer/order number • Buying habits • Photos Other Data related topics We may receive contacts from customers, employees and external companies regarding personal data handling, or any other issue not outlined in the previous chapter. This would be the procedure for the 1st line agents: 1. Check if you can find the answer in this user guide and provide answers. 2. If you are unable to provide answer or if you feel the issue needs to be escalated, please pass the errand on to your local back office team.

powerpoint template

Transcript: Nobody knows babies like we do! Quality products . Good Customer service. Every Kid really loves this store.. BABYLOU ABOUT US About Us BabyLou was established in 2004. It has been more than a decade since we started, where we have ensured to take care of every need and want of every child and infant under one roof, true to the caption “NO BODY KNOWS BABIES LIKE WE DO”. Our benchmark is to provide 100% customer service and satisfaction and continue to deliver the same with a wide range of toys, garments and Baby Products. Play and Create We Are Best 01 02 03 Block games Building Blocks help Kids to use their brain. PLAY TO LEARN in Crusing Adventures Our Discoveries Enjoy a sunny vacation aboard a luxury yacht with the LEGO® Creator 3in1 31083 Cruising Adventures set. This ship has all the comforts you need, including a well-equipped cabin and a toilet. Sail away to a sunny bay and take the cool water scooter to the beach. Build a sandcastle, enjoy a picnic, go surfing or check out the cute sea creatures before you head back to the yacht for a spot of fishing. Escape into the mountains Disney Little Princes in Also available for your Babies..... Also... Out of The World… Our reponsibility BABYLOU…. Our Responsibility All children have the right to fun, creative and engaging play experiences. Play is essential because when children play, they learn. As a provider of play experiences, we must ensure that our behaviour and actions are responsible towards all children and towards our stakeholders, society and the environment. We are committed to continue earning the trust our stakeholders place in us, and we are always inspired by children to be the best we can be. Innovate for children We aim to inspire children through our unique playful learning experiences and to play an active role in making a global difference on product safety while being dedicated promoters of responsibility towards children.

Now you can make any subject more engaging and memorable