GDPR DPO Outsourcing - Waystone

      GDPR DPO Outsourcing

      We have designed an annual subscription service that is tailored to a client’s specific needs for these services.

      Data Protection Officer (DPO) as a service

      The General Data Protection Regulation (GDPR) continues to challenge fund boards and their investment managers in the European Union due to its complexity and the consequences of non-compliance.

      Waystone provides a range of tailored services to suit the specific needs of your fund and organisation. We will begin with an assessment of in-scope activities and functions and then recommend an appropriate solution that may include the following:

      Provision of a Data Protection Officer

      A Data Protection Officer (DPO) is a regulatory requirement under GDPR for certain organisations whose core activities include the regular and systematic large-scale monitoring of data subjects, with examples including assessments for fraud prevention and the detection of money laundering.

      The key responsibilities of a DPO include:

      • informing and advising the organisation of its obligations
      • monitoring compliance with the GDPR and an organisation’s own policies
      • providing advice on Data Protection Impact Assessments and monitoring performance
      • liaising with the supervisory authorities
      • acting as a contact point for supervisory authorities and data subjects.

      A DPO must have expert knowledge of data protection law and practices. In addition, the DPO should also be independent, which can be difficult if the role is filled internally.

      Data protection advisory

      Waystone’s data protection advisors provide the full spectrum of support functions to ensure ongoing GDPR compliance including:

      • reporting to the board on the data protection activities of the fund and its service providers
      • drafting and reviewing data protection policies and procedures
      • preparing Data Protection Impact Assessments
      • providing regulatory updates from supervisory authorities including the Data Protection
        Commission, the European Data Protection Board and the European Court of Justice
      • rapid response to data breaches, including compilation and assistance in reporting to supervisory authorities
      • assisting with data subject rights requests.

      EU Representative

      Under GDPR, where a data controller or processor is not established in EU, they may be obliged to designate a representative within the EU to liaise with supervisory authorities and data subjects. With a substantive EU presence, Waystone can provide your fund and organisation with an EU representative.

      Waystone Compliance Solutions is an ISO-certified consultancy dedicated to delivering the highest quality, independent information security and data protection support to its clients. Our senior consultants hold a variety of data protection qualifications and are members of data protection organisations such as the Association of Data Protection Officers and the International Association of Privacy Professionals (IAPP).

      If you have any questions, or would like to discuss your data protection requirements with us further, please  contact us below.

      Get in touch

      Call us

      Select phone
      • Cayman Islands
      • Chicago
      • Hong Kong
      • Ireland
      • London
      • Luxembourg
      • New York
      • San Francisco
      • Singapore
      • Switzerland
      • United Arab Emirates (Dubai)
      • United Arab Emirates (Abu Dhabi)