In view of the entry into force of the European General Data Protection Regulation, GDPR, on 25/5/2018, our law firm offers legal support and Data Protection Officer (DPO) services for the compliance of enterprises with their obligations stemming from the aforementioned Regulation.
More specifically, the European Regulation above poses new requirements on enterprises, requirements that relate to the processing of personal information across its entire life cycle, the protection of the rights of natural persons, the safety of data and the notification actions the enterprise must proceed with, in case the provisions of the Regulation are breached.
By offering our consulting services we can help your business understand the obligations stemming from the application of the Regulation and take the appropriate technical and organizational measures in order to implement and observe a GDPR compliance programme.
In the context of the development and implementation of a compliance programme, our law firm will begin by assuming to survey and record the kind of personal data processed by the enterprise in order to assess whether it would be mandatory to elaborate a Data Protection Impact Assessment (DPIA) Report, as well as to determine if the enterprise must appoint a Data Protection Officer and, following this, to:
- draft a GDPR GAP Analysis of shortcomings, fair practices and recommendations for improving compliance with the European Regulation (EU) 2016/679 on the Protection of Natural Persons with regard to the Processing of Personal Data (or GDPR);
- prepare the Data Protection Impact Assessment Report, DPIA), provided such is required;
- proceed to check all of the contracts relating to the collection and processing of personal data and compile the necessary document templates and terms for the contracts;
- proceed to create the declarations of consent for the processing of personal data, as well as to reassess the declarations of consent already given to the enterprise by data subjects;
- train the executives and staff of the enterprise on the protection of personal data and
- provide external DPO services.