To ensure a high level of protection of personal data at all times, you must put in place internal procedures which guarantee that data protection is taken into account at all times, taking into account all the events that may occur during of the life of a processing (ex: security breach, management of requests for rectification or access, modification of the data collected, change of provider).