BYDESIGN: FACILITATING GDPR COMPLIANCE FOR SMES AND PROMOTING DATA PROTECTION BY DESIGN IN ICT PRODUCTS AND SERVICES

The advent of the GDPR has created several challenges; among others, the need of SMEs for guidance and tools for their compliance to be facilitated, and the need for appropriately educated ICT professionals to implement Data Protection by Design.

The project aims to:
– Offer an online toolkit particularly tailored to SMEs, which will assist them to perform the necessary actions in order to achieve compliance, along with a set of context-aware templates of essential documents
– Develop a comprehensive training programme on Data Protection by Design, targeting developers and other stakeholders of the ICT products and services creation chain. On the basis of this programme, byDesign aims at training a critical mass of professionals, as well as university students, thereby introducing a data protection culture to the ICT community in Greece
– Maximise its impact, through awareness-raising, dissemination, networking and sustainability of project results.

The main contribution of ICT ABOVO is the actual development of the online toolkit, offered as a web application and using state-of-the-art web technologies and software. The tool achieves to present in a meaningful and user-friendly way different kinds of material offering guidance and reflecting broadly identified good practices in a number of topics, such as data protection policies, data subjects’ rights exercise templates, website related policies, terms of use, model clauses for subcontractors, sample texts for satisfying the transparency of the data processing, model records of processing activities, etc. It also realises the mechanisms for the context-aware generation of customised instances of this material, on the basis of particular features of an SME data controller, including the domains/sectors to which the controller belongs (healthcare, telecom, e-government, e-commerce, etc.), the data types collected, the processing operations it performs, the underlying purpose, complementary legal obligations etc.

Further, ICT ABOVO is actively involved in the training program designed and carried out by the project, sharing, in particular, their expertise in the practical application of the privacy-by-design principle in software development, as well as in organisational and technical measures for preventing and handling data breaches.

The byDesign project has received funding from the European Union’s Rights, Equality and Citizenship Programme (REC) under grant agreement No. 101005833 and coordinated by the Hellenic Data Protection Authority.

Project start date:
November 1, 2020

Project end date:
October 31, 2022

The advent of the GDPR has created several challenges; among others, the need of SMEs for guidance and tools for their compliance to be facilitated, and the need for appropriately educated ICT professionals to implement Data Protection by Design.

The project aims to:
– Offer an online toolkit particularly tailored to SMEs, which will assist them to perform the necessary actions in order to achieve compliance, along with a set of context-aware templates of essential documents
– Develop a comprehensive training programme on Data Protection by Design, targeting developers and other stakeholders of the ICT products and services creation chain. On the basis of this programme, byDesign aims at training a critical mass of professionals, as well as university students, thereby introducing a data protection culture to the ICT community in Greece
– Maximise its impact, through awareness-raising, dissemination, networking and sustainability of project results.

The main contribution of ICT ABOVO is the actual development of the online toolkit, offered as a web application and using state-of-the-art web technologies and software. The tool achieves to present in a meaningful and user-friendly way different kinds of material offering guidance and reflecting broadly identified good practices in a number of topics, such as data protection policies, data subjects’ rights exercise templates, website related policies, terms of use, model clauses for subcontractors, sample texts for satisfying the transparency of the data processing, model records of processing activities, etc. It also realises the mechanisms for the context-aware generation of customised instances of this material, on the basis of particular features of an SME data controller, including the domains/sectors to which the controller belongs (healthcare, telecom, e-government, e-commerce, etc.), the data types collected, the processing operations it performs, the underlying purpose, complementary legal obligations etc.

Further, ICT ABOVO is actively involved in the training program designed and carried out by the project, sharing, in particular, their expertise in the practical application of the privacy-by-design principle in software development, as well as in organisational and technical measures for preventing and handling data breaches.

The byDesign project has received funding from the European Union’s Rights, Equality and Citizenship Programme (REC) under grant agreement No. 101005833 and coordinated by the Hellenic Data Protection Authority.

Project start date:
November 1, 2020

Project end date:
October 31, 2022