1. Set up your Wired Relations account
- Create your Wired Relations account.
- Invite your dedicated Wired Relations specialist.
- Complete Company Information and key responsible person under Settings.
2. Import data into your Wired Relations account
- Send your existing lists of systems, vendors, processing activities, DPA's etc. to firstname.lastname@example.org for migration into Wired Relations.
- If you don't have an existing list of systems, vendors and processing activities, DPA's etc. Check our template to start mapping.
3. Map all systems in your company
- Map all the systems you have in your company.
- Assign a status (Not started, In progress, Done).
- Assign a responsible person/user (a system owner or a person to complete the mapping).
- Assign the vendor behind the system (either quick create a new vendor directly from the interface or select an already created vendor).
- Select where the data is stored (either quick create an option directly from the interface or select an already created option).
- Go to Personal data and map what personal data is being processed in the system (look inside your system, ask colleagues, check the DPA and other documentation to make sure all types of personal data is mapped).
4. Map all vendors in your company
- Map all Vendors and clarify which ones are Data Processors.
- Map the geographical location of each Data Processor and transfer of Personal Data outside of your country/EU.
- Attach the data processing agreement and any other related documents.
5. Connect Systems and Vendors into Processes (processing activities)
- Map and document all processing of Personal Data in the company. We call it mapping of processing activities.
- Follow the 12 steps to complete the description of your processing activities.
6. Evaluation of the legality of processing - and the procedures and policies
- Evaluate the legality of the documented processing of personal data.
- Evaluate the validity of the Data Processing Agreements.
- Write relevant procedures and policies, and other documents.
7. Automate the Privacy Maintenance
- The privacy compliance work is an ongoing project that never ends.
- New systems, vendors, processes etc. must be mapped to stay compliant.
- Establish controls for controlling of vendors/data processors, deletion procedures, updating policies, privacy training etc.
- Integrate Wired Relations to your ecosystem (Slack, Teams, Azure AD, Gsuite etc.) for notifications, reminders and automation.
- Ensure great procedures for handling of data subjects requests, data breaches, and supervision from data protection authorities etc.
- The legal practices will change, and mapping and security measures must adapt accordingly. Stay informed.