RESUMPTION OF THE ARTICLE PUBLISHED BY PLANETE CSCA THE REPRESENTATIVE UNION OF THE BROKERAGE
Among the new compliance offerings from PLANETE CSCA to its members, GDPRfolder allows them to achieve self-guided compliance with the General Data Protection Regulation, which came into force in 2018. Jacques Folon, Founder of GDPRfolder details the functioning of this tool and its advantages for PLANETE CSCA members.
How did you design your "My RGPD File" offer?
Our idea can be summed up in a simple way: to offer an easily accessible GDPR compliance for brokers. All the information is in an online, educational questionnaire that requires no special prior knowledge, unlike other offers. Most of the questions are closed and only require a yes or no answer. For questions related to information security, it may be necessary to consult the IT department, but the main part is didactic and accessible to all. Our goal is not to sell additional consulting.
By answering the 100 or so questions that the tool lists, the broker gradually builds up his or her file, which remains the goal to be achieved. The philosophy of the RGPD itself is based on the principle of responsibility of the actors, who must demonstrate what they have put in place. When the questionnaire is completed, in one click, the broker has at his disposal a PDF file that re- takes all the measures taken by the company, for example the Privacy Policy for the website, the models of subcontracts... It is interesting to note that GDPRfolder includes all the legal documents, validated by a specialized law firm, which you can adapt to the activity of your structure.
In a few hours, even without specific training, the file can be completed. Using the example of outsourcing, the path will be: how do you manage your IT? If the broker uses a hosting company for its website and customer database, the requirement will be to sign a contract. If this contract is not formalized, a model to be customized is proposed.
The desired accessibility is also reflected in the price, 999 € excluding VAT for 3 years of support. This affordable expense also makes the subject accessible to the greatest number of structures, especially since it translates concretely into a guarantee of compliance, and is therefore analyzed as an investment against possible fines.
What are the advantages of " GDPRfolder " ?
In addition to its attractive price, the main advantage cited by users is its simplicity. The implementation is done directly by the company, without recourse to consultants or specialized lawyers.
Today, customers and prospects are increasingly well informed about personal data issues, and the certification badge that we give to our own customers allows them to show the outside world that they have started their process. Thus, compliance with the RGPD becomes a competitive advantage, in a field where the data held by customers are sensitive (financial data but also health data).
Finally, we follow the regulatory subject and we propose updates, according to the French and European recommendations. Subscribing to our solution allows you to remain in compliance with these changes and to guarantee the durability of the approach that the broker undertakes. Thus, we expect new developments on the intermediate ISO standards of the 27 000 family at the beginning of 2022. The questionnaire will be adapted to keep our promise of permanent support.
What type of clients do you have?
Since the regulation came into force, compliance is no longer solely related to the size of the company, even if we note that the majority of large organizations have already begun their compliance. The delay is rather linked to an incomplete awareness of the company managers who do not always feel concerned by the scope of the obligation, but also to the offer of solutions, often expensive and requiring the support of consultants.
2022 will be the year of a focus on VSEs/SMEs at the European level so that all structures get involved. Fines of 5, 10 or 15,000 euros can be imposed if nothing is done to take the subject into consideration, not to mention the damage to the organization's reputation in the event of public questioning.
I also note that pressure is mounting on brokers more specifically because of the efforts made by the insurance companies themselves, and because of the growing demand from customers. This double look completes the CNIL's one, and makes the brokerage world move. But let's remember that all sectors of activity, professionals and associations, must comply, which gives global visibility to this regulation.
Remarks collected by Céline Meslier
Want to know more?
Are you looking for a turnkey solution for your RGPD management?
Contact us to learn more about our solution and its applications.
