The legal minimum requirements for data protection in handling personal data are formulated in a comprehensible manner and designed in such a way that SMEs are not overburdened in terms of organisation and finances. The VdS 10010 guidelines are based on the EU General Data Protection Regulation (GDPR) and the current Federal Data Protection Act (BDSG-new).
From the VdS guidelines 10010, measures and processes can be derived with comparatively little effort to help SMEs achieve an appropriate level of data protection. If necessary, an additional review of the management system processes by a legal advisor with expertise in data protection can be carried out downstream to confirm the necessary legal certainty.
With a VdS-certified data protection in accordance with VdS 10010, there are a number of advantages for SMEs:
- The VdS certificate confirms that the company has prepared itself organisationally, technically and preventively for the requirements - and has suitable processes in place.
- The VdS certificate generates a high level of trust among your customers, suppliers and other stakeholders in the data protection-compliant handling of their data. Competitive advantages are the result.
- The company extends its risk management to include the aspect of data protection. This is an indispensable must for corporate security, especially with regard to possible requests for information, inspections by the supervisory authorities and the threat of fines.
- The risk transparency in the company is increased and thus relieves the management. The company can concentrate on its core processes again.