SPECIALISED SERVICES FOR HONG KONG BASED ORGANISATIONS
The E.U. is Hong Kong's 2nd largest Export Market after mainland China
Specialised GDPR services for Hong-Kong based organisations
Hong Kong businesses do billions of Euro in trade with the EU every year, and Hong Kong is one of the world’s largest regional centres due to its unique history and geography. Hong Kong is a popular location for multi-national organisations’ regional headquarters, a leading telecommunications hub, and an important global banking and financial centre. Hong Kong also has one of the world’s busiest airports for international cargo and one of the world’s busiest container ports. As such, the ongoing supply of goods and services to the EU and beyond is critical to its continued growth.
To ensure that this lucrative partnership with the EU is maintained it is critical that Hong Kong-based businesses comply with the latest data protection legislation (EU-GDPR), which came into effect on 25th May 2018, otherwise their EU-based customers may be forced to go elsewhere.
E.U. organizations are encouraged to undertake a Data Mapping exercise and Supply Chain review. This triggers due diligence requests and might highlight a nonconformity, as Hong Kong is not on the “Adequacy List”, which is a list of countries vetted as safe for cross-border transfers of PII (Personally Identifiable Information).
As such Hong Kong-based businesses need to take action now to ensure they have time to make the relevant changes to their policies and procedures to ensure compliance with the GDPR.
How do you know if the GDPR affects you?
Do you have customers or partners in the E.U.?
If so the GDPR definitely applies to you and you need to be compliant to continue working with or supplying those organisations.
Do you accept E.U. currencies?
If you accept these currencies then it can be demonstrated that you are targeting E.U. data subjects.
Are your “Target Markets” E.U. Data Subjects?
Travel and Tourism, Hosting and Data Centres, Software, Cloud Services and E-commerce are some of the hardest hit sectors.
Is your Marketing / Strong Web Presence written in E.U. languages, or does it use E.U. terms/references?
If you have content written in E.U. friendly terms or languages then it can be argued that you are actively targeting E.U. data subjects.
Book your 15 minute consultation and speak to one of our experts who can evaluate your needs, and answer any queries you may have regarding the GDPR.
How we can help
GDPR123 are compliance experts who can guide you through the process of becoming GDPR compliant so that you can build client confidence, satisfy due diligence investigations, and avoid fines and remedial actions imposed by the Supervisory Authorities. We have experience of working with organisations based in Hong Kong and are well placed to assist and advise companies with regard to their GDPR Compliance.
- Stage 1 Audit / Gap Analysis
Your organization will be measured against the GDPR which will result in a Non-conformity report. This is a clear set of instructions that explain what you need to do to become compliant.
- Prepare a Legal Register and Documents
Register an interest in the EU as well as review/supply policies, procedures and plans.
- Cross border transfers
Make your organization compliant with Cross Border transfers of PII (Personally Identifiable Information).
- Prepare a Due Diligence Pack
Quickly turn around and satisfy Due Diligence enquiries.
- Cyber Insurance Review
Ensure you have the right level of cover in place.
- Review Web Operations
This includes web-based forms, to ensure they obtain appropriate and affirmed consent and that they are unambiguous.
- Training and Awareness
With 8 in 10 data breaches resulting from Human Error, the GDPR requires organisations to implement appropriate organisational measures to ensure the safeguarding of PII (Personally Identifiable Information). This includes appropriate levels of awareness training.
- Supervisory Authorities
EU companies deal with one, their own, but you may have 28 (soon to be 27 with Brexit)!
- Dealing with Brexit
We understand the implications of Brexit and will advise you accordingly as the various stages of Brexit are implemented.
- 72 Hour Breach Notifications
It is important to have an appropriate and tested plan in place for data breaches. Failure to have this in place can attract a penalty of between 2% of your global turnover or 10,000,000 Euro (approx. $12m) and 4% of your global turnover or 20,000,000 Euro (approx. $24m). The fines are calculated as whichever is the greater and are purposely designed to be dissuasive.
- Handle SARs (Subject Access Requests and Rights Requests)
GDPR gives Data Subjects human rights in terms of their Data, and with this comes their right to request the Data Controller or Data Processor to undertake certain actions. Failure to respond to a request in time is a breach of their rights and is taken very seriously, so you need to be prepared.
- Determine and Appoint/Act as a DPO (Data Processing Officer)
In some cases a DPO needs to be appointed. We will help you determine if you need a DPO or make a recommendation if it would be advisable.
GDPR123 COMPLIANCE FRAMEWORK
Cloud-based “GDPR Compliance Assistant” Software
Fully Annotated Regulation Documents
Over 80 Policies, Procedures, Plans and Registers
Data Flow Mapping Tools
Set of Physical Folders and Manuals for reference and record keeping
Support and Guidance from your own team of GDPR experts
We provide everything you’ll need to both achieve and maintain compliance!
All prices shown are subject to VAT