Privacy and data protection
The EU General Data Protection Regulation introduced new obligations and perspectives for every organization that processes personal data. Its risk-based, result-oriented approach to compliance, together with its Europe-wide scope, is quite innovative.
With the GDPR, data protection becomes an integral part of organizational compliance, a necessary process for every kind of organization, even more so considering the new role of the Data Protection Officer.
We offer specialized data protection consulting services designed to allow your organization – commercial or otherwise – to be compliant with national, EU and international regulations. We can cover both the organizational and the technical sides of compliance.
Our services are organized as follows:
- Gap analysis and how to ‘get there’
- Development of mandatory documents for privacy compliance
- Data Protection Impact Assessment
- Audit of privacy controls in place
- Development of instructions for IT system users and security policies
- IT security controls for privacy
- Organizational controls
- ISO/IEC 27001 implementation and controls
- Information and consent
- ePrivacy Directive compliance
- Training and seminars
Our extensive experience in information security management systems and cybersecurity allows us to tackle particular data protection issues as well:
- Data Processing for profiling and marketing
- Biometric and genetic data
- Geolocation data
- Employees’ data processing
- Video Surveillance
- Judicial data and corporate digital forensics
We can act as an external Data Protection Officer (DPO) for every kind of European organization.