"I could also have it in a Word document. I just get so much more here. I can link it to an annual cycle of tasks, I can consolidate it so it comes out as a comprehensive PDF document. It’s easy to send out for collaborative sharing. It takes a lot of discipline to maintain it in Word and Excel. Now I have a system that does it for me."
The Spreadsheet Was Bogged Down
When Thomas Holmslykke Degn gained access to Wired Relations, he imported his entire “old” Article 30 register from Excel into Wired Relations.
“It takes a bit of time,” he says.
When HR reviewed the processing activities they were responsible for, they ended up discarding most of it. New processes and suppliers had been introduced.
Even so, Thomas is pleased he did it. Simply moving from Excel to a better overview in Wired Relations gave Toms Group a new perspective they could use to move forward.
“It’s operational, and it wouldn’t have been operational if I had stayed in Excel,” he says.
Toms Group is the largest manufacturer of candy and chocolate in Denmark, known for chocolate turtles and chocolate Gold Bars.
Thomas Holmslykke Degn is actually a SAP consultant, but after several courses and a lot of practical experience, he now also oversees GDPR compliance for Toms Group.
Rediscovered Task
Data protection is somewhat of a “rediscovered task,” as Thomas Holmslykke Degn puts it. In 2018, Toms Group completed a large compliance project using Excel sheets and Word documents.
Over the years, the extensive spreadsheets had become bogged down with outdated information and a lack of clarity.
“It’s the simplicity of your system that makes it really good. Fundamentally, I could have everything I’ve now put into your system in Word documents. So why didn’t I do that initially? Well, it was because I didn’t have the overview,” says Thomas Holmslykke Degn.
He took on the compliance task, reviewed different systems, and - after some detours - chose Wired Relations. About his system choice, he says:
“I’ve been in touch with several companies, and Wired Relations was on the relatively short list of those I found interesting. I had a few issues with our provider at the time, so I tested Wired Relations. The first test was to take a process activity, input it, and see if I was satisfied with the output. Within 20 minutes, I had something usable.”
The simplicity and built-in best practices were exactly what Thomas Holmslykke Degn needed.
{{factbox-dark}}
Overview Enables New Tasks
Since then, he has worked hard to organise the processing activities of Toms Group and annual calendar of tasks. This has provided him with an overview and coherence in compliance information that he didn’t have before.
“There are many things that are much, much easier if you actually have a yearly cycle of tasks in place. Every time I solve an issue and add tasks to the calendar, it opens up the opportunity to take on new issues,” says Thomas Holmslykke Degn.
It has also allowed him – with the same resources as before – to improve several compliance areas that had previously been de-prioritised.
This includes DPIAs, which Thomas Holmslykke Degn wants to ensure become a routine part of the organisation’s tasks.
Additionally, he will focus on awareness, using the British company MetaCompliance, as they are particularly skilled in this area.
This is a key point: Thomas Holmslykke Degn wants his suppliers to do what they do best.
“I hate people who insist on bundled services. I wasn’t interested in having system providers think they should also provide legal advice. I don’t mind buying legal advice. I just want to buy it from the company I want to provide it,” he says.
Therefore, Wired Relations delivers a GRC system, MetaCompliance delivers awareness, and legal consultants provide legal services.
If you want to see for yourself how better structure and overview can strengthen your data protection programme, book a demo.
