Data protection affects all of us

Why is data protection important for KWS?

First of all: the principles of the EU General Data Protection Regulation, GDPR, reflect our company’s values - all our employees, customers and any other business partners can be confident that we will handle their personal data with the utmost care and keep their data confidential and safe.

However, this new development triggered a dramatic increase of administrative obligations. The rules of the game have changed dramatically.

What is our response to this challenge?

In order to simplify the application of the GDPR for everyone, the Group Compliance Office (GCO) launched a new tool, the Data Protection Management System (DPMS). This SharePoint tool is located among the Intranet Applications under the menu item "Compliance" and as an extra Application (last of the ~40 applications).

What support does the Data Protection Management System offer?

In the FAQ section, you will find a lot of questions “What do I have to do in XYZ situations?”. In the Glossary, you will find the most relevant definitions (e.g. what exactly is defined as “personal data”). Furthermore, guidance, checklists and work instructions lead through the data protection jungle.

Employees in charge of implementing and handling the legal requirements can find specifically tailored checklists, information tools, templates and support for specific questions as well as documentation platforms.

The tool aims at supporting you in a simple way to put the data protection requirements into daily practice. And good to know: The tool will grow with your contribution: Something unclear? Something missing? GCO will provide additional content according to your needs.

Responsibilities

Which employees deal with data protection topics?

Since almost every employee processes personal data such as names, addresses, telephone numbers, birthdays, bank details, salaries, employee relationships – in short: data that can be associated with a person – data protection affects all of us. Almost every employee has to deal with data protection aspects in his/her day-to-day work – be it in contact with customers or in HR or in visitor management. In short, special care should be taken in all cases where personal data is collected and processed. Human resources, sales and marketing departments normally process most of the personal data. Therefore, they must apply the highest degree of care in their day-to-day work.

What are the consequences if employees disregard the GDPR?

The law provides very high fines, which may go from 2 percent to 4 percent of the KWS worldwide revenue if the legal requirements are not fulfilled. On top of that, employees themselves can be subject to fines.

Once again – is Data Protection only about personal data?

Yes. The handling of know-how data (research results, market strategies, ...) or company data has nothing to do with the data protection law which is only about personal data. But, of course, employees should be just as sensitive to company data.

Where does the GDPR apply?

Only in the European Union. However, it is foreseeable that other countries will develop their data protection laws by implementing a similar approach of protecting data subjects, as many countries – e.g. Russia, China, Turkey and Serbia – have already done.

Will the KWS DPMS be applicable in other countries outside the EU?

If it makes sense, yes. However, it is necessary to go through each template with a local lawyer and adapt it to local circumstances. Therefore, the tool is not yet applicable outside the EU. |