The new General Data Protection Regulation (“GDPR”), effective as of May 25, 2018 applies to every EU- based controller or processor of personal data. The GDPR is expected to ensure a greater degree of data harmonization across EU nations and threatens significant fines and penalties to non-compliant data processors and controllers of up to the higher of 4% of global business turnover or Euro 20 million, depending on the nature of the breach.
Ensuring compliance with the GDPR is among the biggest challenges for businesses across the EU, both due to the impact of potential non-compliance fines and sanctions and given also the long-lasting nature and high complexity of the project. In this respect, Legal Partners deep privacy team expertise and methodology is dedicated to develop and deliver best data privacy management solutions in compliance with the need to be addressed:
Legal Partners are in place to offer their clients the following services:
- Planning and implementation of personal data protection policies and intra-company/intra-group processes related to the collection, management and breach of personal data.
- Planning and implementation of a Code of Conduct regulating personal data protection.
- Appointment of a Data Protection Officer (“DPO”), mandatorily required under the GDPR.
- Review/reform of the business’ current status of consent on data processing in order to adopt the GDPR’s enhanced requirements for obtaining data subject consent.
- Redesigning and customizing information technology (IT) systems in order to accommodate and support the GDPR’s requirements on data collection, management and breach notification.
- Maintaining a Record of Data Processing Activities (“RDPA”).
- Ongoing personnel training on the GDPR.