Cmacc gdpr server en - 20170606

Preview:

Click to see full reader

Citation preview

CMACC SERVER – A CONTRACT SERVER FOR GDPR

Cmacc Transact  MarcDangeard◦ Engineering(Supaéro)andBusiness(HEC)background◦ Entrepreneur(25yearsinSiliconValley)◦ Oracle,Sony,manystartups

 CmaccTransact◦ Createdin2016todoaPOCwithCaissedesDépôts◦ Cmacclanguage/server,basedonCommonAccord

CMACCSERVER-MAY2017 2

Personal data from the very first interacCon

CMACCSERVER-MAY2017 3

Whathappensnext?Whatdataiscollected?How?Whereisitstored?

Howlongisitkept?Whohasaccess?

PaulvisitsMyCorpwebsite PaulagreetoTermsofUse(withoutreading)

Data in the enterprise: many silos

CMACCSERVER-MAY2017 4

?Manysilos,coordinatedaroundlinearprocesses

Noeasydataprivacymanagement

DPO

LouispreparesaTermsofUsedocument

Bernarduploadsthedocumentonthewebsite

Jeannesendsmarke\ngemails

Marieshipsproducts Pierrecollectspayments

MSWorddocumentinafolder

Cookies Emailcampaigns+CRM ERP+Shippingso^ware FinancialsystemLEGAL IT MARKETING BACKOFFICE COMPTA

GDPR – May 25th, 2018 Informedconsent

Accesstodata,righttobeforgoaenPortability

◦  Structuredformat,datatransferreddirectlyfromoneprocessortotheotherifpossible

◦  Tomakeiteasytoswitchserviceproviders

Privacybydesign/bydefaultCulture,process,butalsotoolsto:

◦  Informusersoftheirrights

◦  Managetheserights(access,changes,righttobeforgoaen)

◦  Renewconsentsasneeded

CMACCSERVER-MAY2017 5

What is GDPR was an opportunity to re-focus the enterprise around data?

CMACCSERVER-MAY2017 6

What if the DPO could manage all enterprise data with a simple tool?

CMACCSERVER-MAY2017 7

Contract server

CMACCSERVER-MAY2017 8

VSCodeplugin

Opensourceproseobjects

AIcapture

Databinding

Proseobjects

Contractserver

Webpagegenera\on

•  APIforcustomUI•  APIforContractLifecyclemanagement

•  APIforSmartContracts

PDFgenera\onPrivateproseobjects

Benefits (GDPR)  ManageTermsofUsetemplates

 Mul\-juridic\ons

 Mul\-lingual

 ManageUserInforma\onno\ces

 ManageallcontractsthatareimpactedbyGDPR(BCR,sub-contractors,etc.)

 Managerelatedvisualinterfaces

CMACCSERVER-MAY2017 9

An improved user experience

CMACCSERVER-MAY2017 10

PaulvisitsMyCorpwebsite Hegivesaninformedconsent,thankstothevisualcluesprovided

ontopoftheconsentform

Paulobject

MyCorpobject

TermsofUse

source:DisconnectPrivacyIconsserverviaLegaltechdesign.com

CMACCSERVER-MAY201711

DPOLEGAL

Paulobject

MyCorpobject

TermsofUseobject

Usersobjectsdatabase

DataStore

Managementofconsentsandothercontracts

Groupobjects

Partnersobjects

Salescontractobject

ProseObjectsdatabase

An architecture for GDPR

A “data store” to manage all data

CMACCSERVER-MAY2017 12

Consentsarecapturedfromthewebsiteanddue

processcanbedocumented

Manageeasilyupdatesresul\ngfromchangesininternalpolicy

orchangesinthelaw

Userscaneasilychangetheirchoices,updatetheirconsentorthe

relateddata)

Salescontractswithpaymentandshipping

informa\on

Deliveryreceipts,no\cesofclaim,

etc…

Invoices,Statements

Asystemtomanagealldata,includingUIfortheuserstoaccesstheirdata,andfortheDPOtohave

aviewofhowdataiscollectedandmanaged

LouispreparesaTermsofUsedocument

Bernarduploadsthedocumentonthewebsite

Jeannesendsmarke\ngemails

Marieshipsproducts Pierrecollectspayments

Cmaccproseobjects Cookies Emailmarke\ng+CRM ERP+Shippingso^ware FinancialsystemLEGAL IT MARKETING BACKOFFICE COMPTA

1 2 3 4 5 6

DPOContractsserver+DataStore

From compliance to business opportunity

CMACCSERVER-MAY2017 13

Asystemtomanagedataprivacy,including:•  Manageusersrela\onships

•  Build tools to collected an informed consent, withvisualcluesandabilitytomanagedataprivacyrights

•  Buildtoolstocollectconsentforminors

•  ManageallcontractsimpactedbyGDPR

•  Adatastoreastheonesourceoftruthforuserdatawithintheenterprise

•  ThisdatastoreusedinternallycanbeopenedwithanAPItobecomeadatastoreforendusers

•  API and autoriza\on management so that the next\meauserwantstopurchasefromAmazon.com,shecan provide a link to the data store rather thanhavingtoprovidepersonalinforma\ondirectly.

COMPLIANCE OPPORTUNITY

Cmacc server – a contract server for GDPR

 ManageTermsofUsetemplates

 ManageUserInforma\onno\ces

 ManageallcontractsthatareimpactedbyGDPR

 Managerelatedvisualinterfaces

Cmacc Transact � HEC Paris � Supaéro

marc@cmacctransact.com+33(7)68112325

Databinding

Proseobjects

Contractserver

CMACCSERVER-MAY2017 14

Recommended

GDPR an Introduction - Community Works · 2017. 11. 15. · GDPR an Introduction Are You ready? GDPR monetary penalties. GDPR an Introduction Are You ready? Paul Hamill - Assurance
Documents
Seal Software - GDPR INSIGHT · 2019-02-28 · gdpr y gdpr y gdpr y fortune 500 company contract profile fortune 500 company contract profile fortune 500 company contract profile
Documents
Cmacc Transact value infra - one slide - EN
Documents
SYMPHONY’S GDPR COMPLIANCE STRATEGYs GDPR Compliance Strategy.pdfSYMPHONY’S ROLE UNDER THE GDPR The GDPR distinguishes two roles that organisations can play: controllers and processors
Documents
GDPR: What’s going on? - necsia.esa-Necsia-GDPR-360... · (ISO27001, GDPR, PCI-DSS) GESTIÓN DE RIESGOS Y DE TERCEROS ... Curso básico GDPR ... concienciación en GDPR
Documents
BVMS - GDPR
Documents
GDPR: Impact on the Education Sector GDPR... · 2018-03-01 · GDPR: Impact on the Education Sector 8 February 2018 ©Rollits LLP 2018 ... Introduction . Today [s session • GDPR
Documents
Roadmap to the GDPR - The Extraterritorial Reach of the GDPR
Documents
Jargon buster guide to GDPR - Bitpipedocs.media.bitpipe.com/io_10x/io_102267/item... · Jargon buster guide to GDPR In this e-guide: (GDPR) comes into effect on 25 May 2018. GDPR
Documents
gdpr Compliance Checklist - Global Privacy & Security ... · GDPR Compliance Checklist . GDPR Compliance Checklist This GDPR Compliance Checklist sets out the key requirements that
Documents
Trabajo de Graduac on MAE Holcim-Lafarge 20170606)
Documents
CMACC 2017 PRESENTER PROFILES 5 - High Caliber€¦ · CMACC 2017 PRESENTER PROFILES Frédérique Keller, DOM, L.Ac, the current President of the AAS, Frederique holds a Master of
Documents
GDPR Compliance
Data & Analytics
[GDPR Webinar Slides] Preparing for the GDPR - the Compliance Countdown Begins
Technology
GDPR Self-Assessment...GDPR Self-Assessment HONcode Certification Data protection is the fair and proper use of personal information • What is the GDPR? The GDPR is the General Data
Documents
GDPR Best Practices Implementation Guide news items/GDPR... · 2020. 3. 30. · This GDPR Best Practices Guide puts forward a GDPR implementation methodology designed to: • Engage
Documents
BRITISH MODEL FLYING ASSOCIATION General Data Protection (GDPR…btckstorage.blob.core.windows.net/site11032/GDPR/BMFA... · 2018-05-11 · 5 GDPR 2018 V1.1 12 Steps to GDPR Compliance
Documents
GDPR digest - tmaclub.com · ARE YOU GDPR READY? {More than a MORTGAGE CLUB} GDPR digest
Documents
GDPR - VaronisEU GDPR Lesson 1 4 What is the GDPR? Why do we Need it? EU GDPR Lesson 2 8 Data Protection by Design and by Default EU GDPR Lesson 3 10 The Right to Be Forgotten EU GDPR
Documents
Common accord cmacc transact - iaccm presentation 20170509
Technology