Date: April 04
Location: Park Inn by Radisson, Oslo Airport Gardermoen
RSVP before March 20
Zalaris is processing personal data on your behalf as a data processor while you as the owner of the personal data is the data controller. This means that GDPR imposes direct compliance obligations on both our organizations. We take this shared responsibility seriously and hope that we can work together in the journey toward GDPR compliance.
Zalaris is therefore pleased to invite you to our Nordic Seminar, where we team up with EY to put the spotlight on GDPR and its implications for you and our relation as controller and processor of personal data.
What is GDPR?
The General Data Protection Regulation (“GDPR”) is a comprehensive reform on data protection rules in the EU. This Regulation governs the protection of natural persons with regard to the processing of all types of personal data and rules relating to the free movement of personal data.
The GDPR will enter into force 25th of May 2018. One of the most significant changes in GDPR is the increased fines for non-compliance, which from 2018 can be up to 4% of annual worldwide turnover or €20,000,000. There is an increased focus on the accountability of organizations, and they will have to be able to prove by documentation, processes and operations that necessary frameworks are in place to safeguard personal data.
Further changes in the new GDPR include strengthened individual rights, mandatory breach notifications and the requirement to ensure “privacy by design”.
Why does it concern you?
The entry of GDPR entails that privacy must be an integral part of any HR and payroll process. As employers you are the controller of personal data on your employees, and as your HR- and BPO outsourcing partner, Zalaris is the processor of that employee data. GDPR applies to both data controllers and processors in the EU and organizations that target EU citizens, including transfers of such data to third countries and international organizations. This means that we must work together to ensure appropriate safeguards are in place.
What will be covered during this seminar?
As a trusted data processor and partner for our customers, Zalaris is turning up the speed in preparations for the increased demands that this role requires. Our seminar is specifically tailored to the controller-processor relation, with the aim of building a common foundation on which to work together.
|09.00 – 09.15||Arrivals, Registration and Coffee|
|09.15 – 09.30||Welcome and Agenda by Zalaris|
|09.30 – 10.00||General understanding of GDPR through specific examples and realistic situations. Presentation by EY|
|10.00 – 10.30||Difference between the current personal data act and the GDPR, and consequence for your organization. Presentation by EY|
|10.30 – 10.45||Clarification of your role as a controller and Zalaris’ role as a processor. Presentation by EY|
|11.00 – 12.00||The journey of personal data from your organization to Zalaris and the challenges along the way. Presentation by Zalaris|
|12.00 – 12.30||What Zalaris is doing to prepare ourselves as a processor through gap assessment, awareness and BCR (Binding Corporate Rules). Presentation by Zalaris and EY|
|Lunch and mingling|
|13.30 – 14.00||GDPR seen from a local Data Protection Authority perspective. Presentation by The Norwegian Data Protection Authority (Datatilsynet)|
|14.00 – 15.15||Selected scenarios and client cases for how we apply the new GDPR requirements.
Presentations from two Clients
15.15 – 15.30
Possibility for client specific discussions with your client contact in Zalaris and GDPR professionals to discuss the situation of your company and our collaboration on this topic.
Please sign up in the questback registration