<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/814bb784-1db9-4098-9e5e-d286d01abb9d/Locked.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/814bb784-1db9-4098-9e5e-d286d01abb9d/Locked.png" width="40px" /> As part of its activity of multi-risk home insurance and home protection products, Luko is required to process personal data. We therefore take the security and confidentiality of the data of Luko’s users with great responsibility. In accordance with the GDPR and the recommendations of the CNIL, the EDPS, drawing inspiration in particular from the data pack insurance compliance. We count on a DPO to overlook all our practices and policies in this regard, and to keep pushing for improvements

</aside>

What do we do?


Privacy & Data protection policy

Register of Processing Activities - RoPA

Managed and reporting  of technical incidents

What are the results so far?


Data protection & Privacy.png

$^1$Data privacy policy

What’s the plan tomorrow?


<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/4aa02b14-0e48-4a1e-9cfa-683fce9a5bb8/bullet.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/4aa02b14-0e48-4a1e-9cfa-683fce9a5bb8/bullet.png" width="40px" /> Improve the handling of data subject requests : have a clearer and a more comprehensive understanding on their rights, the data subject can easily make their request and obtain a satisfying answer.

</aside>

<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/bacf8296-3b64-4cae-9655-2a6f4eed032a/bullet.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/bacf8296-3b64-4cae-9655-2a6f4eed032a/bullet.png" width="40px" /> Disclose better information for customers on their rights under the GDPR : as Luko is transparent in its core business, we want to extend this to data protection as a strong asset of confidence with dedicated articles, Q&A, workshop, etc.

</aside>

<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/a5ed8b02-db55-4645-9fc0-65d0d8a3930c/bullet.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/a5ed8b02-db55-4645-9fc0-65d0d8a3930c/bullet.png" width="40px" /> Organise regular internal workshops on data protection : raising awareness and having a better legal culture is an important step to make sure that GDPR is understood and applied by each and everyone.

</aside>

<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/f65c68dd-a637-4ca1-a74c-0172e2de28d1/bullet.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/f65c68dd-a637-4ca1-a74c-0172e2de28d1/bullet.png" width="40px" /> Promote Privacy-by-design during the product development phase: make sure that we develop easy features that can help to implement GDPR principle, spend less time on having a posterior compliance.

</aside>