May 13, 2019
English Language

The organizing, implementation and maintenance of full GDPR compliance for the Danish plastics and recycling company SKY-LIGHT

Few people outside of the plastics industry know SKY-LIGHT. Nevertheless, this Danish company’s products can be found in almost all European homes in the shape of boxes, canisters and lids which keep your yoghurt, pasta salad and paté fresh and appetizing in your fridge. A majority of the raw materials is recycled plastics derived from, for instance, old plastic bottles and waste material from other companies.

“SKY-LIGHT has one of the highest recycling percentages in the business, which harmonizes with our main vision of actively taking responsibility for the community and the environment. We gladly transfer this responsibility to other areas such as GDPR. We never just wanted to be compliant by May 25th. We also want to internalize the procedures and ensure that we will be treating personal data 100 % correct going forward”, Dennis Østergaard emphasizes.

”Personal data is found in surprisingly many places"

We have helped SKY-LIGHT by finding the best way for them to work with GDPR, created an action plan and with the help of our software, they now have an overview of all their data.

“During this process we were surprised to find that personal data can hide in many places. So quite a few skeletons have fallen out of the closets as we have sorted old personnel folders, customer service cases and all kinds of other things. But it is good to get it sorted. It sets your mind at ease”, Dennis Østergaard concludes.

Consultants and lawyers tend to turn GDPR into a big problem. Dennis Østergaard gets calls on an almost daily basis from companies who would like to help them with their work with compliance – “and who explain why we should pay them quite a lot of money to do it. (...)

RISMA’s GDPR solution, however, makes it simple to approach the task by yourself. It gives you an overview of where your personal data is, how you can sort it efficiently, which processes to implement, and so forth. And everything is documented and logged on the way,” says CIO Dennis Østergaard from SKY-LIGHT.

Case SKY-Light_ GDPR solution_Compliance

We point out that our blog posts are neither comprehensive nor an absolute exposition of the compliance processes. RISMA Systems makes no guarantee that the information is accurate, up-to-date or complete, and the blog post must by no means be seen as legal advice. You are responsible for verifying that the information is in accordance with applicable law, if you are considering using it. All information is used at your own risk. RISMA Systems cannot guarantee full compliance with applicable laws and regulations, if you choose to follow the information in this blog post.


Stay up to date with knowledge and best practices on compliance, risk management, and governance. Receive guides, articles, case stories, invitations to events, offers, and much more.