What Does Your Organisation Need to Know?

We have over 20 years of experience in data protection and privacy law, and the implementation of the EU & UK GDPR is not a mystery to us. Whilst, we have all heard the headlines about the big fines, the EU & UK GDPR is an opportunity for your organisation to get control over your data, a subset of which is personal data. We help you turn the EU & UK GDPR from a cost to a competitive advantage, making data an asset for your organisation.

Our Data Protection Law Services

We can assist you in building your entire data protection compliance program or with ad-hoc tasks. This includes doing the following:

• Identifying your status under the EU & UK GDPR, including whether you are acting as a data controller or a data processor, and when these roles apply.

• Determining whether you are required to appoint a data protection officer under law.

• Determining the appropriate technical and organisation measures to secure data (such as pseudonymisation, encryption, an internal data protection committee, etc.).

• Identifying whether registration with local data protection supervisory authorities is required.

• Creating a central data register/record of processing of activities of all personal data processing activities.

• Reviewing the legal basis for all personal data being processed (and whether the approach that has been taken is correctly managed).

• Drafting notices, policies and procedures.

• Conducting data protection impact assessments.

• Reviewing all measures for data transfers and putting in place the appropriate safeguards to allow for the lawful transfer of data.

• Updating all contractual documentation to ensure that data protection law clauses are included.

• Reviewing and advising you on your direct marketing practices (such as by email and telephone).

• Creating general and targeted training material.