DRUPAL DATA & PRIVACY PROTECTION AUDIT

We are Drupal & data protection experts

We develop the GDPR Drupal module

We are the developers and maintainers of the open source GDPR module for Drupal. During the development process, we have gathered feedback and expertise from numerous Drupal users and have become experts of Drupal and GDPR relations.

Drupal GDPR audit from A-Z

We thoroughly analyze your solutions, identify where personal data is stored and how it is processed, map the data flow and finally propose solutions to ensure your GDPR compliance.

Audit from legal point of view also

Our services are reviewed by a specialized data privacy lawyer and may easily become a significant part of your compliance documentation.

What is GDPR and CCPA?

GDPR

GDPR is the EU’s data privacy regulation. Organisations handling personal data need to prove their compliance. Penalties may exceed 20 million Euros.

CCPA

CCPA (California Consumer Protection Act) is the newly signed regulation by the state government on June 28. The law will be enacted January 1st 2020. The CCPA is modeled after the European Union’s GDPR, which went into effect May 25, 2018.

Our Data Protection Audit Plan

Parts of the audit

  • Data discovery, data flow mapping for your Drupal database, core and contrib modules.
  • Data security and protection
  • Data protection by design and by default
  • Records of processing activities
  • Custom solution and integration discovery
  • Data protection impact assessment
  • Data minimisation and Storage limitation
  • And many special audits based on your custom system

Result of audit

Detailed documentation - audit report reviewed by our GDPR specialised lawyer.

Tailored compliance implementation plan for the extra requirements. It’s always the client’s decision what to implement/automate on what level and what security measures to undertake. We’ve mastered a set of tools which are reasonable step to utilize for e.g.

  • Anonymization
  • Encryption supported by our trusted partner Lockr.io
  • Data subject rights
  • Personalized cookie consent solution capable of blocking even 3rd party cookies.
  • Consents for forms
  • and even more: we can deliver an organisation wide centralized solution.

Length of the audit is cca. 2-4 weeks.

Why a professional guidence is important for you

ORGANIZATIONS AND INDIVIDUALS MUST CONTINUOUSLY PROVE COMPLIANCE

Organizations must provide documentation demonstrating requirements being met

Almost every company that uses Drupal is affected

Because almost every system handles personal data (eg. users’ email address might be also)

It is not easy to interpret the regulations

The GDPR regulation is quite complex, even in comparison to other EU regulations

We strive to help you meet compliance with the regulations.
Contact us for more information

gdpr@brainsum.com

Some of our Data Protection related activities

  1. Presentation given by our team members Dominika Peterova and Balu Ertl at Drupal DevDays Lisbon 2018 about data protection tools available.
  2. Presentation given by our team member Balu Ertl at DrupalCamp Transylvania 2018 about the existing Drupal GDPR contrib modules
  3. Presentations given by our team member Balu Ertl on BDUGs in January and February 2018
  4. Attendees of numerous GDPR conferences
  5. Blogpost no1 | 12 common GDPR myths
  6. Blogpost no2 | The Official GDPR Sources: Your Trustworthy List
  7. GDPR Drupal module developed and maintained by us