The STAR II (SupporT small And medium enterprises on the data protection Reform II) consortium is pleased to announce the publication of The GDPR made simple(r) for SMEs.
The user-friendly handbook offers guidance and practical suggestions for SMEs that could facilitate compliance with the General Data Protection Regulation (GDPR). Being primarily addressed to enterprises for which personal data processing is an auxiliary activity, the handbook clarifies and explains:
- how to navigate the barrage of resources available on GDPR;
- the scope of data protection law and the scope of its application to SMEs;
- the concepts and principles that form the crux of personal data protection legal framework; and
- the theory and practice of the risk-based approach to personal data protection.
The STAR II (SupporT small And medium enterprises on the data protection Reform II) also prepared Guidance for Data Protection Authorities (DPAs) on good practices to run hotlines for SMEs. The Guidance by reflecting on NAIHs experience, when operating a hotline dedicated for SMEs that sought compliance with the GDPR, provides practical recommendations to DPAs. The Guidance was shared with the DPAs comprising the European Data Protection Board in December 2020.
The STAR II project, co-funded by the European Union within the scope of the Rights, Equality and Citizenship Programme 2014-2020 (REC-RDAT-TRAI-AG-2017), under Grant Agreement No. 814775, ran in the partnership of the National Authority for Data Protection and Freedom of Information (NAIH) (coordinator), the interdisciplinary Research Group on Law, Science, Technology & Society (LSTS) of the Vrije Universiteit Brussel (VUB), and Trilateral Research Ltd (TRI IE) between August 2018 and December 2020. More information about the STAR II project and its results are available on the project website.