I want to set up a startup and develop a software for facial reconstitution.
Are there any constraints from a privacy perspective? What do I need to consider before in the implementation stage? Is it required for us to have a DPO? We are planning to use AWS for storage is this OK or is better to keep the data in our own servers?Do we need to perform some kind of risk assessment before starting? How would ISO27001 help us?
Any other advice would be much appreciated.