Establishing a GDPR Compliant Process for Customer Data Handling of an IoT Platform​

Electrical Installation Company

Establishing a GDPR Compliant Process for Customer Data Handling of an IoT Platform​

Providing the technical basis for meeting the requirements of GDPR

The Challenge

An innovative market leader in electrical installation technology came to Eraneos for help after the introduction of GDPR meant that it needed a group-wide initiative to realign IT processes.​ The project aimed to analyze all technical systems and processes that handle personal data and adapt them to the requirements of the GDPR. 

Successfully designing processes for GDPR-compliant handling of customer data for the electrical installation technology company 

The approach

Based on risk analysis, we immediately identified the necessary controls and performed a gap analysis.​ We then sought to design relevant processes to ensure GDPR-compliant handling of customer data, making sure these were extended by checklists. The design processes included data breach communication​, rectification, access, and deletion of personal data​, GDPR-compliant customer verification​, and data record pseudonymization​. 

The result

By the end of the project, we had designed processes for GDPR-compliant handling of customer data for the electrical installation technology company throughout the complete information lifecycle.​ We created checklists for easier process compliance, made templates for official communications, and introduced processes and checklists to all relevant employees. 

Let’s create sustainable change together.