Our services

On the basis our professional qualities and, in particular, expert knowledge of data protection law and practices, we will provide you with the following services:

• Information and advice on planned processing activities
• Monitoring compliance with the GDPR
• Assignment of responsibilities
• Awareness-raising and training of staff
• Performing of related audits
• Cooperation and contact with the supervisory authority on issues relating to the processing
• Prior consultation with supervisory authority before processing that is considered ‘high risk’ to data subjects
• Consultations and providing professional opinions and guidance on any other relevant matter

The DPIA shall contain at least the following elements:

• A systematic description of the envisaged processing operations and the purposes of the processing
• An assessment of the necessity and proportionality of the processing operations in relation to the purposes
• An assessment of the risks to the rights and freedoms of data subjects
• The measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of personal data

Within this service we provide you with the following:

• Mapping of all transfers of personal data to third countries
• Verification of the transfer tools the transfer relies on (eg. standard contractual clauses)
• Assessment of the legislation in the third country with regards to the transfer
• Identification of supplementary measures that are necessary to bring the level of protection of the data transferred up to the EU standard of essential equivalence

We assess your compliance with GDPR in six main areas:

• General principles;
• Lawfulness of your data processing;
• Rights of data subjects;
• Roles of controller and processor in certain relationship;
• Security of personal data;
• Data protection officer role and tasks;
• International data transfers.

This service includes :

• Assessing the severity of personal data breaches
• Notification to the supervisory authority (where relevant)
• Notification to the data subjects (where relevant)
• Advice on remediation efforts to avoid re-occurrence of similar incidents
• Registering data breach in data breach record

We carry out such an assessement of 50+ control points on your behalf, focussing on the following topics :

• Transparency & Information provided to data subjects
• Privacy by design & by default
• Information security
• Data Processing Agreement
• Transfers of personal data outside EU/EEA

Awareness sessions generally focuses on :

• General data processing principles under the GDPR (data minimization, storage limitation, lawfulness, etc.)
• The rights of data subjects and how to handle them
• Security of data processing and measures to increase the security
• Handling of security incidents
• Roles and responsibilities within the organization