19.02.2019

How We Achieved a Positive Result for the First GDPR Audit. Our Project for VGP


Adapting a project to the requirements of GDPR-related regulations is a challenge faced by many IT system providers. This only makes us prouder that our product has received a positive recommendation following an audit.

Read this article to find out:

  • what the audit looked at;
  • what was the purpose of the audit;
  • what good practices we used to achieve such good results.

The audit concerned information security and was carried out on the basis of the rights of the Personal Data Controller under the GDPR by consulting company KPMG for Volkswagen Group Polska.

A one-day meeting with the auditor covered the verification of documentation, information management procedures, and the practical implementation of all key principles. The auditor was given access to all documentation and the possibility of interviews with selected staff members participating in the project.

Audit Purpose and Result

The process was designed to check if data processing complies with the GDPR and the contractual requirements imposed by VGP on all suppliers.

The auditor had no concerns about the organization of work on the project or the quality of information security management by Unity Group. We obtained recommendations to confirm the high standard of information security with the formal ISO 27001 certificate.

This means that our formal solutions meet the stringent standards that must be satisfied to apply for this certificate

How to Achieve a Positive Outcome of the GDPR Audit

Over a year and a half, as part of the project of preparing the company for the GDPR, we introduced a number of organizational and formal changes to raise the standards of information security. In cooperation with an external consulting company, we inventoried in-house processes and developed documentation and proposals for solutions in accordance with the ISO 27001 standard. We appointed a Data Protection Officer, who ensures that the quality of information security management is maintained at all times.

For our clients, this means that Unity Group can be fully trusted in matters as sensitive as personal data. We are well aware of the importance of the regulations, and we strictly follow them. We are a reliable partner not only in the IT aspect of a project but also in everything that makes up its business environment.

— Anna Gubernat, Project Manager

Read More
/ Recent News
03.04.2025

Rami Al Naib at the “Effective Application of AI in European Industries” Seminar in Helsinki

We are pleased to announce that Rami Al Naib, Head of Data & AI at Univio, will participate in the seminar “Effective Application of AI in European Industries”, which will take place on April 11 in Helsinki, Finland. The event is organized by the Embassy of the Republic of Poland in Helsinki to mark Poland’s presidency of the Council of…

Read more
01.04.2025

Univio at Poland & CEE Retail Summit 2025

Retail Summit 2025 is one of the most important events for the retail and e-commerce industries in Poland. This year’s edition will take place on April 15–16 at DoubleTree by Hilton in Warsaw, bringing together leaders of retail chains and experts in modern technologies. As a gold partner of the event, Univio, together with its technology provider fulfillmenttools, will present…

Read more
Nagrody Builder Polska 2024 Univio
06.03.2025

Univio Honored with the Prestigious “Builder’s Laurel” Award

Univio has been honored with the prestigious “Builder’s Laurel of the 20th Anniversary of Poland in the European Union” award in the IT Services Provider category. This exceptional recognition, granted by the Scientific Council and Editorial Board of “Builder” magazine, highlights the company’s ongoing contribution to the development of the Polish construction sector through innovative technologies and IT services. This…

Read more

We’re ready.
Are You?

Our solutions make the headlines. Get in touch and let's start the next story together.

Contact us

<challenges.accepted>