The GDPR (EU Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) is a new EU regulation whose purpose is to harmonise the rules on processing of personal data in the EU Member States.

our service includes:

  • drafting documentation related to the processing of personal data (security policies, internal departmental policies, registers of processing activities, entrustment agreements, registers of persons authorised to process personal data, notification of Data Protection Inspectors, etc.),
  • providing day-to-day legal advice on breaches of data protection, including data leaks,
  • consulting on personal data protection with respect to employee relations,
  • advising on issues related to the transfer of data to third countries, including the preparation and application of Binding Corporate Rules,
  • consulting on cloud-based processing of personal data, including issues raised by the transfer of personal data outside the EEA,
  • conducting comprehensive analyses of personal data flows both within the client organisation (the company processing the data) and outside, to determine compliance with the applicable laws,
  • representing clients to regulating authorities during audits and post-audit proceedings.