We offer to comprehensively implement GDPR-compliant procedures in your company. In the first step, we carry out an audit to verify the current status. Then, in consultation with you, we develop an all-encompassing set of appropriate procedures and internal policies.

 

 

To ensure full implementation we will:

  • draft consent clauses adjusted to your processing activities;
  • draft information clauses adjusted to your processing activities (including a privacy policy for your website);
  • draft a template data processing agreement;
  • develop – in close collaboration with your company representatives – procedures and documentation relating to the processing and protection of personal data, i.e.: 
  1. data protection policy;
  2. procedure for keeping internal records of infringements of data protection laws;
  3. security policy;
  4. business continuity plan;
  5. internal procedure on how individuals can exercise their rights;
  6. system recovery procedures and their testing;
  7. data breach response procedure;
  8. project management procedures (privacy by design/privacy by default);
  9. IT system monitoring policy;
  10. system and building access management (granting/revoking access rights to IT systems in use);
  11. record of processing activities for your company as a data controller and processor;
  12. data processing authorisation form templates;
  • give opinions on internal regulations (including the work rules, contest regulations, terms and conditions of promotional campaigns, etc.)

 

We also offer to check new documents, including procedures, that you prepare on your own in line with the recommendations from the legal section of the report.