Data protection is a particular field of law that requires extensive knowledge of business practice and new technologies from lawyers. Investments in programs that facilitate everyday work, the need to use data for the provision of services, sales of goods or for marketing purposes require care for the processed data. Proper procedures must be also applied to the monitoring and control or work, recruitment of employees or HR and accounting services.
The GDPR forces companies to thoroughly analyze risks and develop procedures that minimize potential threats to data security. Mistakes and related infringement may result in severe punishments for entrepreneurs. On the other hand, every company must process data of customers, employees, and partners in order to provide services, sell goods or advertise their goods/services. For this reason, drafting of proper procedures and documentation requires a multidisciplinary approach from tax and business advisors. A team that provides legal services within data protection and GDPR should have extensive knowledge in order to be able to propose practical solutions that enable safe business development.
Data protection and GDPR – the scope of our services:
- comprehensive tax compliance within data protection;
- audit of data processing procedures;
- audit of documentation regarding security and processing of data;
- development of procedures that meet business expectations and requirements resulting from the GDPR and the Data Protection Act;
- drafting of documentation compliant with the GDPR and national data protection regulations;
- development of procedures for HR department within the recruitment of employees and monitoring of their work, taking into account the labor law provisions;
- representation before state authorities, including the Personal Data Protection Office (PDPO);
- communication with the PDPO on behalf of clients;
- consulting and support during data processing control and control of the applied security measures;
- acting as a data protection officer (DPO);
- consulting at the stage of occurrence of data security infringement and support within the fulfillment of required obligations;
- representation before courts in proceedings regarding infringement of data processing security;
- comprehensive support within data protection and protection of other confidential information in a company;
- training courses for people who process data in a company as well as managers, including courses on internal procedures;
- training courses on the GDPR provisions in the everyday operation of a company, foundation or association.
How do we help?
We provide comprehensive legal consulting to clients who have not implemented the required data protection and processing documentation before so that they can meet all GDPR requirements. We conduct audits of compliance of data processing procedures with the GDPR requirements. We draft documentation required by the GDPR, including data protection policies, privacy policies, processing activities registers, registers of people authorized to process data, personal authorizations to process data, data processing agreements.
For clients who, following the implementation of the GDPR, changed their procedures, purchased new programs or expanded activity, we offer documentation audits. After verification of procedures, our attorneys at law will prepare new documentation and enhance internal procedures in accordance with the provisions of the GDPR and the Data Protection Act.
Our multidisciplinary team of lawyers specializes in data protection, civil and criminal proceedings, and new technologies. Thanks to that, we can provide comprehensive services within GDPR and potential liability for mistakes within data security. We represent clients before courts and authorities, e.g. the PDPO.
We support public entities, privately-owned companies, foundations, and associations. We make sure data and other confidential information of a company are secured comprehensively. We organize training courses for employees and managers on data protection law, including GDPR.
We have extensive experience within the implementation of data processing and protection documents, e.g. security policies and IT system management manuals. Currently, our activity focuses on the adjustment of such documents and procedures of the practice of clients’ activity to the GDPR requirements. We have in-depth knowledge of new technologies and we draft documentation, taking into account functionalities and risks related to the applied solutions.
We have long-term experience in the representation of clients during proceedings before the PDPO, including proceedings regarding registration of data files, as well as during controls conducted by the PDPO. We currently offer support within proceedings conducted by the PDPO. Our lawyers also have practical experience within acting as a DPO (data protection officer, former information security administrator).
Do not hesitate to contact us in order to obtain more detailed information.