The CNPD, in partnership with the Luxembourg House of Cybersecurity and the National Cybersecurity Competence Center (LHC-NC3), has officially launched DAAZ, a new data protection and GDPR compliance tool specifically designed for small and medium-sized enterprises (SMEs) in Luxembourg.
DAAZ, stands for “Data Accountability from A to Zen,” and was selected through a competitive call for projects by the European Commission and co-funded by the European Union as part of the ALTO project.
Alain Herrmann, commissioner of the CNPD, as well as Jérôme Commodi, legal expert at the CNPD, and Pascal Steichen, CEO of the Luxembourg House of Cybersecurity, led a presentation at the official launch event, highlighting the development process, which involved feedback from 215 entrepreneurs and technical expertise from the National Cybersecurity Competence Center (LHC-NC3). “This tool is supportive to SMEs to make sure that they comply with GDPR, it has been built to be accessible for people who are non-experts in the field and to make compliance a reality,” said Herrmann.
“We are working together on this topic, as cybersecurity is only reasonable, when done for the purpose of privacy, so a joint effort in this endeavor is important, especially aimed to target and assist SMEs, who struggle most with regulations of compliance.”
Pascal Steichen, CEO of the Luxembourg House of Cybersecurity.
DAAZ unveiling
The launch event of DAAZ gathered industry professionals in Belval, where they were treated to a live presentation of this GDPR compliance tool tailored for Luxembourg’s SMEs. Hosted by the CNPD in partnership with the Luxembourg House of Cybersecurity and the National Cybersecurity Competence Center (LHC-NC3), the event presented DAAZ’s intuitive features and practical applications. Attendees witnessed firsthand how the tool employs gamification and immersive learning methods to simplify GDPR compliance.
DAAZ’s role in addressing SMEs’ challenges, boosting transparency, and promoting consumer trust through an engaging and user-friendly platform was presented from a user perspective, highlighting the enrollment process from A to Z, while showcasing the back-end features.
Solving SME limitations
This free, intuitive online tool aims to simplify the process for SMEs to integrate their GDPR obligations into their daily operations. By supporting businesses in assessing, strengthening, and maintaining GDPR compliance, DAAZ aims to enhance transparency and boost consumer trust. SMEs often face significant challenges in complying with GDPR due to limited resources and expertise compared to larger organizations.
Additionally, the rapid digitization of various sectors, the rise of artificial intelligence, and evolving legal requirements create a complex environment for these businesses.
Tested and approved
The creation of DAAZ involved two key phases. Initially, the CNPD gathered feedback from 215 entrepreneurs through an online survey to pinpoint the specific needs of SMEs. “For us, it was crucial to focus DAAZ on the user experience. To achieve this, after determining the needs of the users, the project team applied the “story learning” and “learning by doing” methods to ensure optimum immersion and maximum user involvement, ” said Commodi, CNPD project coordinator.
In the second phase, the platform was developed and tested with the assistance of SMEs, leading to further optimization. The expertise provided by LHC-NC3 was invaluable, particularly in the technical aspects, drawing on their experience with tools like “Fit4Cybersecurity” and “Fit4Privacy” that raise awareness among SMEs about IT security and privacy. “DAAZ is a playful tool that takes advantage of gamification. We have created a platform that is intuitive, educational, and accessible for everyone,” said Steichen.
