GDPR Compliance for a Gaming Startup
Challenges
Following a compliance order from an EU-based Data Protection Authority (DPA), a Serbian IT Startup running an online gaming platform needed to implement GDPR compliance programme and nominate a DPO within a relatively short deadline.
Solutions
After the initial meeting with the client, Privanova promptly provided the client with several key policies including the Company’s Data Protection Policy. In addition a Privacy Notice and a Cookie Notice for the Website were drafted. Within the deadline, we managed to test and publish a cookie consent management system for the client’s website.
At the same time, we assisted the client to recruit and nominate a DPO in accordance with the GDPR requirements. Finally, we helped the client provide feedback to the EU-based DPA, thus avoiding further penalties and fees.
Policies
In accordance with Article 12 of the GDPR, a complete set of policies was drafted.
Cookies
Cloud-based cookie consent management was implemented on the client's website.
DPO
Article 37 GDPR requirements were met by recruiting a Data Protection Officer.
DPA
Communication with the local Data Protection Authority was ensured on behalf of the client.
