Remember the typical “GDPR comes with huge fines” fearmongering advice? That’s not us.
Your business needs to process personal data and we’re here to help you do that while complying with data protection legislation. The GDPR places many requirements on organizations and data protection compliance is becoming increasingly demanding. That is why we do not sell any one-size-fits-all solutions, and tailor our advice to each individual business and organizational processes. We start by understanding the business needs and we step outside of the “data protection laboratory” into the real world.
The GDPR prescribes two typical roles for an organization: data controller (alone or jointly with other controllers) or data processor. Based on the role in each processing activity, we’ll explain what you need to do to comply with privacy laws. This section is a snapshot of the usual services we provide for organizations.
Assistance in meeting GDPR requirements
GDPR includes a vast array of obligations for data controllers, summed up under the principle of accountability. We regularly help clients implement processes and design mechanisms to demonstrate compliance with all such legal requirements, including the records of processing operations (which we also tailor to the needs of the client), data protection impact assessments (where we assist clients with very complex risk assessments and mitigation), data protection agreements, personal data breach assessments, and not least consultations with the data protection supervisory authority.
We are very skilled in drafting information notices and other materials that need to have an accessible language and be easily understood by the general public. Our documents are not just lawyer readable but human readable, ensuring that you meet the GDPR requirements to use an intelligible and easily accessible form, as well as clear and plain language. We also design adequate methods to bring the information to the attention of its addressees, whether this is on a website, on a smart terminal, on a board or others.
Training on EU data protection law
Our customised training programs are constantly hailed as being professional, informative and also fun. Our practical approach backed by a long experience dealing with data protection issues has been widely praised by our clients.
Data protection is not just about GDPR. We also advise clients in complying with the requirements related to direct marketing, as well as cookies and other tracking technologies. Moreover, since the future ePrivacy Regulation is currently being negotiated at EU level, we keep our clients informed about the process.
We don’t sell GDPR software or templates and we won’t magically make you “GDPR compliant”.
We do, however, come up with practical solutions to your data protection and privacy problems and empower your organisation to learn to handle them in the future.