Project Proposal for

EU GDPR Compliance
Subtitle or presenter

1
Content

• Reasons for complying with the EU GDPR

• Purpose of the project
• Benefits of an EU GDPR Compliance Programme
• Implementation details
• Milestones
• Resources
• Deliverables

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 2

Reasons for Implementation (1/2)
Primary reasons:

• EU GDPR is a piece of legislation which is applicable in the

EU and in non-EU countries
• Avoid hefty new fines for non-compliance
• Improve marketing edge (image and credibility) by
ensuring customers and partners that you are fully
complaint with the EU GDPR and can properly protect
their personal data
• Improve internal organization by better defining
responsibilities and duties in regard to protecting
personal data

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 3

Reasons for implementation (1/2)

Regulatory
Avoid fines
compliance

Optimizing
Marketing edge business
processes

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 4

Reasons for implementation (2/2)
Secondary reasons:
• Integrate data privacy to business process for better
alignment
• Improved and compliant marketing practices
• Improved and compliant data protection clauses in your
commercial contracts
• Avoid complaints from your customers and employees

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 5

The main objective of the project
What do we want to achieve?

• Full EU GDPR compliance by [date]

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 6

Implementation details
• Project manager: [insert name]
• Project sponsor: [insert name]
• Project duration: [insert number of months]

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved.

Milestones (1/2)

Milestone Due date

Establish the project

Develop top-level policies

Organize your data protection

Build up data inventory

Manage data subject rights

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 8

Milestones (2/2)

Milestone Due date

Data Protection Impact Assessment (DPIA)

Personal data transfers

Third-party compliance

Personal data protection

Handling data breaches

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 9

 Resources (1/2)

Human Internal resources – [list internal resources, e.g.,

resources group name]
External resources – [list external resources, e.g.,
consulting company]

Technical Tool – [Tool name]

resources

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 10

 Resources (2/2)

Financial Amount: [define amount of money needed to

resources finish the project]
Cost types: [split costs according to the cost type
and include all resources listed here, e.g., human
resources – internal and external, technical, and
other resources]
Other Documentation templates
resources

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 11

Deliverables

• Data Protection Policies

• Privacy Notices
• Inventory of Processing Activities
• Managing data subject rights management
• Data Protection Impact Assessments
• Third party management
• Security measures
• Data Breach Management

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 12

 Project proposal for
EU GDPR compliance
Presenter’s name

Copyright ©2019 Advisera Expert Solutions Ltd. All rights reserved. 13