1 minute read
Method
Chapter 4 (SMEs and employees’ data) addresses data protection concerns for SMEs when processing their employees’ personal data.
The above-mentioned topics were found to be of particular concern for SMEs during the span of the STAR II project, and therefore form the exclusive focus of this handbook. More specifically, the project carried out interviews with representatives of 18 DPAs, 22 SME associations and 11 SMEs. Some observations were extracted from an additional 52-60 responses of SMEs to an online survey. Further substantive input was provided by the NAIH’s hotline dedicated to SMEs, which responded to queries from SMEs between 15 March 2019 and 15 March 2020.
Advertisement
Furthermore, following the suggestions of different stakeholders interviewed by the STAR II consortium in 2019,7 the handbook:
» includes examples and provides references to templates and guidance developed by various DPAs across the EU; » introduces the background of risk-based provisions and then provides references to good practices, where available; » suggests how SMEs can achieve compliance with the GDPR and how to transform this into a competitive advantage; » targets a wide range of SMEs, regardless of their business sectors; and » dismantles some common misconceptions about the GDPR.
Legal references without any further specification pertain to the GDPR. Hyperlinks are valid as of 21 September 2020.
7 STARII, Deliverable D2.2 – Report on the SME experience of the GDPR (July 2019) https://www.trilateralresearch.com/wp-content/uploads/2020/01/STAR-II-D2.2-
SMEs-experience-with-the-GDPR-v1.0-.pdf 25.
