Gdpr compliance both in general and with regard to single processes/projects/activities

Together with a team of professional, specialized in different areas of practice, such as legal, technological and IT, we assist our Clients in redacting a complete and efficient GDPR compliance plan. Our services are usually customized on the basis of the needs of the single Client, of the organizational structure and of the complexity of such structure; furthermore, our compliance plan can easily be adapted to the company in its complex, or to a single project or process.

Our added value is considering consultancy as a set of legal and informatics specialized services, in the field of data protection, guaranteeing solutions which are both compliant with the applicable laws and easily feasible.

Our Services include:

  • Mapping of all data processed and of the categories of data subjects involved;
  • Analysis of all processes and personal data flows;
  • Identification of subjects (both internal and external) which are involved in the data processing activities;
  • Analysis of the data processing policies already adopted by the Client;
  • Analysis of all existing technical and organizational security measures;
  • Identification of synergies with Organization Models (corporate, banking, insurance compliance laws and for the prevention of informatic crimes, in compliance with art. D.Lgs. 231/2001 etc.);
  • Evaluation of preexisting provision of the Supervisory Authorities, addressed to the Client or, more in general, in relation to similar areas of practice or projects.

All this information is usually collected by our professional, who will carry out specific interviews with single departments, as well as a thorough documental due diligence.

Our service also includes the definition and drafting of all necessary law requirements, specifically customized to the Client’s area of business (e.g. specific privacy notice for different specific sectors, modular consent forms, data processing agreements, prior Consultation to the Authority etc.).

The release of the documents is – case by case – usually accompanied by a summary report, which includes the assessment’s result and specific instructions on how to use the documents delivered.

Our goal is to support our Clients in defining corporate principles on the protection of personal data, in order to ensure that all processing activities are compliant with the GDPR and with the national relevant laws, but also in line with the business’ goals.