Due Diligence and GDPR: How to stay compliant during a transaction

Due Diligence and GDPR: Be careful with personal data

For the seller side, there are important GDPR concerns to be aware of. During a due diligence, there are potential risks of data and privacy breaches, when sensitive information is shared between potential buyers and the seller company. Admincontrol’s Head of Security, Ole Martin Refvik stresses the importance of following the new rules which comes into force the 25th of May, also in a due diligence-process.

[quote text=”A%20transaction%20always%20requires%20sharing%20of%20personal%20data%20and%20if%20there%20are%20any%20data%20leaks%2C%20your%20company%20will%20be%20fined%20accordingly%20if%20you%20were%20non-compliant.%20Staying%20compliant%20with%20GDPR%20in%20a%20due%20diligence-process%20is%20crucial.” author=”Ole%20Martin%20Refvik%2C” author_position=”Head%20of%20Security%20in%20Admincontrol%20″ /]

Download our due diligence checklist here 

Often done in a hurry 

Refvik points out that a due diligence-process is often done in a hurry – which makes it easier to do mistakes.

Head of Security in Admincontrol, Ole Martin Refvik, says that many mistakes and security risks can be avoided by starting the preparations early.

–  My best advice is to be prepared. Gather all your documents related to a transaction in a safe and secure place. Avoid unnecessary email conversations and use platforms like Admincontrol`s data room for pre-due diligence as well as the actual due diligence. Remember, such a process will require sharing up to thousands of documents, so gathering all the data will be very time-consuming. If your company is well prepared, it is also less likely to make mistakes, he says.

Three take-aways to stay compliant with the GDPR in a due diligence process:

Download our webinar recording: How to stay compliant with the GDPR here. 

1. Start the preparations early

Many mistakes and security risks can be avoided by starting the preparations early. If possible, start preparing for a potential acquisition, merger or exit long before the buyers come knocking.

Our recommended starting point is to invest in a secure, purpose-built  platform for document sharing, and start building the structure and document library there, from month to month / year to year. This library will make a great starting point for the due diligence when the time comes.

 2. Stay informed and consult with experts

Although a transaction may seem straight forward, you should always use external help. External advisors are specialists in the M&A process and they will assist your company when it comes to finance, taxation or legal matters. They can also help you to stay informed and to make sure your company is compliant with the GDPR during a due diligence process.

 3. Use a purpose-built solution

To stay clear of data breaches, leaks of personal data and other risks that jeopardize compliance with the GDPR, a purpose-built solution is highly recommended.

E-mail and consumer-sharing platforms should be avoided when dealing with the company`s most sensitive documents. For the critical pre-, and actual, due diligence- process, you need a more powerful – and secure – solution!  A solution with premium features such as access control, encrypted communication and built-in security and privacy mechanisms.

Get in touch to learn more about our data rooms and how we can ensure secure sharing and collaboration during a due diligence-process.

See our GDPR blog post series for more info about the new regulation here

[form id=”12″ button_text=”Request%20a%20demo%20″ /]