I was recently asked by OnePageCRM to discuss GDPR and Legitimate Interest Assessments with them on a webinar – which I happily did. This is why.

GDPR Vendor Management

Third party vendor management, due diligence and platform auditing can pose a problem for smaller businesses. Part of the work I do, especially on initial benchmark type audits, is to do a desktop audit of your vendors, inspecting their services and products and documentation publicly available and supplied to your business. OnePageCRM is a local, Irish offering that a client of mine asked me to have a look at and when I did I was duly impressed with their apparent dedication to ensuring a GDPR compliant service for their customers. Tip: first step in assessing a vendor is having a peek at their publicly available privacy information usually found in a privacy notice and terms they make publicly available.

Their Team

Without OnePageCRM knowing the above, they contacted me to ask me to have a look-see in terms of being transparent and open about what they were offering. I was offered a trial of the platform (yes, I know, I’m absolutely useless and still in fact do not have anything loaded because I need a time making machine and/or an assistant!!!) which was when I ‘fessed up to having had a look already through a client. Through this I got to know Andrea Manning and Carmel Granahan and my perception of ‘apparent dedication’ turned into an appreciation for their real and enthusiastic dedication to ensuring a GDPR compliant service for their customers.

Knowledge Sharing

If you know me in person (or online) you’ll know that I am usually quite happy to share a bit of knowledge with you. Complex situations require consideration and sometimes confidentiality so I will draw the line at some point when it comes to public sharing. However, ask me on a webinar or podcast to teach a skill or implementation and I am happy to hop on and share. Which is what I did here, with OnePageCRM, where we discussed how to perform Legitimate Interests Assessments correctly. Have a read of what they have to say about getting GDPR ready and watch the webinar here. As Carmel says: GDPR should be baked into your organization, not just the icing on the cake. Hear hear!

Note: OnePageCRM has not requested or endorsed this post and has not influenced it in any way.

If you need assistance with vendor or third party due diligence, legitimate interests assessments or doing an initial GDPR benchmark and gap analysis, get in touch as I would be delighted to help you.

Philipa Jane Farley
Written By Philipa Jane Farley

Philipa is the lead consultant and auditor at ProPrivacy.  With clients as far afield as Canada, South Africa, Kenya, Germany, Spain and other such exotic locations, besides Cork and elsewhere in Ireland, Philipa enjoys a broad view of the state of data protection, privacy and cyber security worldwide.  Philipa’s passion is manageable data compliance for SMEs.

Philipa is a qualified teacher besides holding a computer science (Bachelor of Science in Artificial Intelligence Programming) and electronic and intellectual property law (LLB) qualified. She is trained in constitutional (fundamental) rights litigation and enjoys a good debate.

Philipa has over twenty years of experience working in different sized organisations and sectors on operational, governance, risk management and compliance matters. She is an analytical and focused person that enjoys a challenge in the workplace. She loves technology, systems and people and has a passion for showing people how technology can make life easier and better. She understands that the world is driven by data today but privacy is paramount. Responsibly developed AI excites Philipa for the future.