GDPR

We will help you ensure compliance with European Directives and Czech legislation pertaining to GDPR. We analyse, implement and verify matters. Our team advises on what can and can’t be done, and on how to meet GDPR obligations in contracts or on the web. View the types of clients we’ve worked with.

How a comprehensive implementation of GDPR takes place

• We conduct an initial consultation, discerning the state of readiness of the company/organisation for GDPR and how demanding and extensive the procedure shall be for such compliance.
• Data Protection Impact Assessment (DPIA) – we conduct an on-site analysis at the company/organisation, focussing on aspects such as what data is processed, for whom and for what purpose, where and by whom they are processed and how they are secured.
• We prepare a guideline describing the processing of personal data at the company/organisation in accordance with GDPR.
• We provide induction training, familiarising employees with guidelines or changes in procedure.
• We apply our breadth of practical experience with implementing GDPR, especially at small and medium-sized commercial and manufacturing companies and various types of non-governmental non-profit organisations. We handle the processing of personal data for the purposes of donations, donor databases, data for newsletters, photographic documentation of events, and so on. 

What else do we do? 

• Consultation is given on the company’s/organisation’s readiness for GDPR and discussion covers the approach that should be taken to secure GDPR compliance.
• We conduct analysis in the form of a data protection impact assessment (DPIA).
• The services of a GDPR Data Protection Officer (DPO) are offered, either as a mandatory or voluntary function. The Data Protection Officer is available for communication with the Data Protection Authority and for consultation throughout the year. They assess compliance with GDPR once a year and provide a written opinion on the company’s/organisation’s compliance with it.