As part of our continuous learning program, SafetyMails – Email Verification Tool teams and contracted partners have undergone refresher training in Data Protection Laws, focusing on LGPD (Brazilian Data Protection Law) and GDPR.
The training was promoted by SafetyMails’ CFO, Rodrigo Gonçalves, who also acts as DPO (Data Protection Officer).
All the content was presented in hybrid mode, i.e., part of the team attended the training in person, while the rest followed the content remotely (online).
SafetyMails partners and service providers were also trained.
Purpose of the training
Every company is susceptible to security incidents involving personal data, whether due to hacker attacks, data leaks or loss when updating systems, operational errors, human error, and countless other possible factors.
It is also possible that, despite all the efforts employed, emergency situations involving incidents and catastrophes may occur where it will be necessary to prioritize human integrity and health.
Therefore, it is necessary that all SafetyMails teams are oriented, updated, and aligned regarding the best practices of data protection, privacy, and information security.
These are some of the fundamental elements of the relationship of SafetyMails with its customers and target audiences: the concern for transparency and safety.
Introduction to Data Protection Laws
The first part of the training, held on November 21st, was focused on presenting to all employees the main definitions and guidelines of the two laws and how they apply to the reality of SafetyMails, its clients, employees and partners.
In-depth review of internal data protection policies
In the second part of the training, the teams were introduced in depth to the restricted documents that present the data protection policies and other key policies, such as log management, backup management, information asset management, data protection impact assessment report, personal data inventory, responsibility matrix, communication plans, and vulnerability management.
These policies address topics such as the management and responsibility of each professional in relation to data, collection, equipment, protection in corporate environments, etc.
Business protection and people’s well-being
The third part of the training covered some documents that are also important for the day-to-day operations of SafetyMails, such as the incident response, disaster recovery, and business continuity plan, one of the documents that are related to programs like ISO27001.
- Incident response plan: how SafetyMails teams should proceed in situations involving incidents with personal data: what to do, who to report to, how to assess, etc;
- Disaster recovery plan: what to do in emergency situations, how to act calmly, etc
- Business continuity plan: what measures are necessary to ensure the maintenance of SafetyMails services in any scenarios;
In any case, these plans aim to ensure the protection of health and safety of human life, the integrity and security of personal data, promote the timely recovery of the IT infrastructure, and enable business continuity in any situation.
Want more details?
Need information about SafetyMails Data Protection and Privacy? You can also access our public documents:
Isn’t the information you need in these documents? Contact our DPO: [email protected]