en

Data Protection Services

Privacy Compliance Assessment

  • Interviews with client´ s management and personnel
  • Mapping of personal data processes
  • Audit of privacy documentation
  • Compliance analysis of data processing operations

Privacy Program Development

  • Planning and managing a privacy program tailored to the client´ s needs
  • Drafting or updating a Privacy Policy
  • Planning internal guidelines and operating models
  • Assisting in integrating data protection into business processes

Privacy Training and Consultation

  • Training of personnel on best privacy practices and lawful processing of personal data
  • Consulting of client´ s management and key stakeholders in data protection regulation, guidelines and new case law

Data Protection Officer (DPO)

  • Outsourced DPO as a service
  • Advice and support in communication with data protection authorities
  • Privacy reporting and monitoring for the management of the client

Data Protection Impact Assessments (DPIAs)

  • Facilitating and documenting the DPIA process, specifically when introducing new technologies
  • Identification of privacy risks and risk mitigation recommendations
  • Preparation of reporting to the data protection authority

Privacy Policy, Cookie Notice and Other Data Protection Information

  • Drafting of privacy information required by law
  • Internal Records of Processing Activities (ROPA)
  • Preparation of cookie information in accordance with authority guidelines

Data Protection Agreements and International Data Transfers

  • Auditing and drafting of data processing agreements (DPAs)
  • Contract templates for international data transfers (SCCs) and other transfer mechanisms
  • Transfer Impact Assessments of data transfers (TIAs)

Data Breach Management

  • Impact assessment and documentation of data breaches
  • Preparation of official breach notification to the data protection authority and communication with the authority

Technical consultation of Privacy Solutions

  • Privacy by Design requirements in the design of IT systems and applications
  • Evaluation of pseudonymisation and anonymisation solutions
  • Defining data minimization and retention periods in accordance with GDPR

Cooperation in Data Protection Authority Inspections

  • Legal support to the client for inspections by a supervisory authority
  • Drafting statements and responses to supervisory authorities or courts 

Privacy Communications

  • Client communication strategies in the event of a data breach
  • Informing the data subjects affected by the data breach
  • Stakeholder and media communications