top of page
Image by Jules Marvin Eguilos

Data Protection 

At Aria Grace Law CIC, we provide complete support to businesses for EU & UK GDPR compliance, from legal and compliance to technology recommendations and programme implementation.

What Does Your Organisation Need to Know?​

We have over 20 years of experience in data protection and privacy law, and the implementation of the EU & UK GDPR is not a mystery to us. Whilst, we have all heard the headlines about the big fines, the EU & UK GDPR is an opportunity for your organisation to get control over your data, a subset of which is personal data. We help you turn the EU & UK GDPR from a cost to a competitive advantage, making data an asset for your organisation.

Our Data Protection Law Services

We can assist you in building your entire data protection compliance program or with ad-hoc tasks. This includes doing the following:

  • Identifying your status under the EU & UK GDPR, including whether you are acting as a data controller or a data processor, and when these roles apply.

  • Determining whether you are required to appoint a data protection officer under law.

  • Determining the appropriate technical and organisation measures to secure data (such as pseudonymisation, encryption, an internal data protection committee, etc.).

  • Identifying whether registration with local data protection supervisory authorities is required.

  • Creating a central data register/record of processing of activities of all personal data processing activities.

  • Reviewing the legal basis for all personal data being processed (and whether the approach that has been taken is correctly managed).

  • Drafting notices, policies and procedures.

  • Conducting data protection impact assessments.

  • Reviewing all measures for data transfers and putting in place the appropriate safeguards to allow for the lawful transfer of data.

  • Updating all contractual documentation to ensure that data protection law clauses are included.

  • Reviewing and advising you on your direct marketing practices (such as by email and telephone).

  • Creating general and targeted training material.

Our Specialists

bottom of page