Organisation and privacy culture
Visma has during the past three years worked hard to incorporate the right attitude and knowledge about data protection and privacy in our culture. We consider that the best way of doing this is to engage people that have a passion for this topic and bring them together with business leaders that can make decisions regarding organisational matters and resources.
The top management and board care about privacy and the topic is always on the agenda in the corporate management meetings. The responsibility for privacy work in Visma has been delegated to a Corporate Data Protection Manager who reports directly to the CEO. Visma has also appointed a Data Protection Officer (DPO) for the group. This is an independent formal role described in the GDPR. The person appointed is a lawyer and Visma employee, and he is the main contact point for any data subject or customer in privacy matters. The Corporate Data Protection Manager and DPO facilitate the privacy work in Visma, and all corporate decisions regarding privacy are governed by the Data Protection Council (DPC). Visma Group consists of many legal units organised in four divisions. Each legal unit has appointed a Data Protection Manager which again is represented in the council by Divisional Data Protections Managers.