The General Data Protection Regulation (GDPR) is a new standard in protection of Data Privacy of EU citizens. Replacing the existing GDPR regulation, it mandates a wider definition of Personally Identification Information (PII) and imposes strict penalties for non-compliance. The last date for complying to EU-GDPR is May 25, 2018.

It primarily affects the companies having any business presence in the European Union or handling PII of EU citizens. Majorly, any company that collects, stores or processes personal information about EU citizens, within EU states, must comply with the GDPR, irrespective of their business presence (physical or otherwise) within EU geography. Kratikal will help you in a hassle free compliance process.


Phase I Scope Determination
Here we undertake a thorough assessment of scope of GDPR applicability. We determine the assets required to be GDPR compliant and the business portion which has to be excluded.

Phase II Gap analysis
It includes asset identification, risk assessment, and existing control identification. Based on basic tenets of GDPR, we decide the cost-effective measures for achieving data privacy and security. A detailed implementation plan is carried out.

Phase III Implementation
Implementation stage involves mapping data flows in and out of the organisation, establishing policies and procedures to generate lines of accountability and maintaining a system of checks-and-balances to ensure compliance with GDPR. We also help in appointment and training of Data Protection Officers (Physical or Virtual), as required by GDPR.

Phase IV: Internal Audit
Under this phase conduct Privacy Impact Assessment (PIA) and Data Protection Audits (DPA) via seminars, workshops, questionnaires, PIA frameworks and onsite inspections.

Phase V: Certification
Certification process It is carried out by independent auditors (generally a US-based CPA), not by the implementers. We help you find suitable auditor for the certification process and help throughout the process.

Depending upon the number of employees, scale of organisation, IT Assets and geographical spread, the exact duration of the process will vary.

For more details, you can drop a mail to Our customer facilitators will call you back.


Avoid penalties and sanctions worth 4% of global annual turnover or €20 Million (whichever is greater).

Maintain your status quo with respect to working within EU or with EU partners.

Include Privacy by Design and Privacy by Default in your products, processes and technological implementations.

Improved data portability due to uniformity of data storage standards.

Increase customer and partner trust in your business by readily implementing GDPR