While for IT, health care and personnel search data protection is a relevant issue, for companies operating in the EU market this is a must-have. We have experience of accompanying personal data protection projects since 2013 and provide professional consultations, taking into account the clients’ internal processes and needs, as well as the EU GDPR requirements. Our expertise is confirmed by the CIPP/E certification of the International Association of Privacy Professionals.
Within this practice we:
- Primarily assess the status of personal data protection and the client’s needs.
- We identify available personal data protection mechanisms, correlation of the goal of information collection and processing with the risks accompanying these processes.
- Provide consultations in specific issues related to personal data protection.
- We offer ways for minimizing the risks of personal data breach, provide our expert opinion concerning the applicability of the GDPR norms in each specific case, and prepare consultative opinions upon the client’s request.
- Develop personal data protection agreements following the client’s needs.
- The most popular requests coming from our clients are the following documents: Data Processing Impact Agreement, Privacy Policy, Terms and Conditions, etc.
- Develop internal personal data protection policies and procedures.
- We create the internal legal basis for personal data collection and processing, like Data Processing Policy, Data Processing Agreement, Standard Contractual Clauses, etc.
- Provide consultations concerning establishment of the Data Protection Officer position, develop respective job descriptions.
- Data Protection Officer, or DPO, is quite often the most unclear figure in the personal data protection chain for our clients. Since availability of DPO is mandatory under the GDPR provisions only in specific cases, we make comprehensive company analysis and develop a unified approach as far as the need for establishing the DPO position is concerned.
- Accompany representation of the client’s interests in the EU territory.
- Quite often absence of company registration in the EU may become an obstacle for following the GDPR provisions, but definitely not in our case. Thanks to a wide network of reliable contacts abroad, we will settle the issue of your business representation in the EU in a high-quality and efficient way.
- Provide consultations on the incidents related to personal data in the client’s activity.
- We analyze the European and international practice in the field of personal data breach, case-law, assess the chances of the most “painless” situation settlement and develop a unified standpoint. We provide the client with the roadmap of the most efficient solution and promote its further implementation.
