Numen is committed to helping its clients in their digital transformation projects, customer relationship optimization, document management, cultural content enhancement, data exploitation ...
Naturally aware of the treatment and protection of the personal data of the individuals for whom it is responsible in the course of its activities, the Numen Group has clearly understood the need to anticipate the measures put in place by the European General Data Protection Regulation (GDPR).
What is GDPR?
In May 2016, the European Union chose to adopt a harmonized system for the protection of Personal Data. The General Data Protection Regulation (GDPR) will enter into force on May 25, 2018, in all Member States of the European Economic Area.
By deciding to devote and strengthen the main principles of the Data Protection Act, in force since the 1978 Act, the GDPR significantly increases the rights of citizens by giving them more control over their data.
The logic followed is to create continuous compliance and reinforce the sanctioning powers of the national CNILs. Data controllers will have new tools (such as impact analyzes, registers ....) and resources ( the Delegates for personal protection).
What are the measures taken by Numen?
As part of its compliance with the GDPR, Numen has put in place:
- Appointment of a Data Protection Officer (DPO),
- Impact on privacy: implementation of the Privacy Impact Assessment methodology (guide provided by the CNIL, the French Data Protection Authority),
- Privacy by design: taking into account the securing of personal data from conception,
- Keeping of a register of treatments containing:
- Names and contact details of the various actors,
- Purpose of the treatments,
- Categorization of the data,
- Link to the PIA,
- Link to the technical documentation explaining the security, organizational and technical processes
- Process of alerting in case of data breach,
- Conservation period,
- Data hosting location
- Process of data modification / deletion,
- Auditability of the IS.
For any request, you can contact our DPO.
His job is to define the security policy of the information system and to ensure its application within the Group. He will therefore ensure a role of advice, assistance, information, training and alert for security issues of all or part of the IS.