EU GDPR Services
Your Certified GDPR Experts at Your Service
GDPR-related Services – A Business Imperative
The EU General Data Protection Regulation (GDPR) forms the basis of data protection regulations that are aimed at protecting the personal data of residents in the European region (EU member states plus Iceland, Liechtenstein and Norway). The primary purpose of the GDPR is the protection of the fundamental rights and freedoms of natural persons and, more specifically, the right to the protection of personal data as well as the free flow of personal data within the EU. Even businesses outside of Europe have to comply with the often complex GDPR prescripts if they observe or process the personal data of EU residents. GDPR compliance is vital. We are your GDPR experts!
.
.
Value-Add to Your Business
Compliance with GDPR prescripts and avoidance of hefty fines
Prevention of hefty fines
Increased competitive advantage
Appointment of an outsourced EU data protection officer
Reduced risk to potentially crippling reputational risk
Our Approach
We are a global company headquartered in Germany. This places us in intimate proximity with all the latest regulatory developments and trends pertaining to GDPR. We live our core values of data protection and information security, and we strive to instil these values to protect personal data and to help our clients conform with GDPR prescripts – wherever they may be. Designing, developing and implementing state-of-the-art, secure and reliable solutions is paramount. Modern consulting methods, top technology as well as holistic, future-proof approaches – how we guide our clients to smart and secure solutions. Our vision is to reach far beyond compliance with regulatory prescripts to changed mindsets and sustained business resilience and success for our clients and partners.
,
Our Core Services
EU Data Protection Officer (DPO)
To ensure due compliance with Art. 37 GDPR, which makes it mandatory for EU companies with 20 or more employees to appoint a DPO for the collection & processing of certain types of personal data.
EU Representative
Art. 27 GDPR prescribes that companies with operations outside of the EU that observe, collect or process the personal data of EU residents must appoint an EU representative operating within the EU.
More detailed information in „The UK GDPR Measured against the EU GDPR – the Basics for Companies„
Privacy by default and by design
Processors of personal data must, according to Art. 25 GDPR, ensure data protection by design and by default. Through our unique interweaving of our core competencies of compliance, strategy and technology, we are aptly positioned to design and implement the requisite technical and organisational measures (TOMs) to ensure the prescribed levels of data protection.
Data protection impact assessment
According to Art. 35 GDPR, data controllers must carry out a data protection impact assessment if a form of processing, in particular when using new technologies, is likely to result in a high risk to the rights and freedoms of natural persons due to the nature, scope, context and purposes of the processing.
As an international consultancy with a focus on compliance, governance and risk, we conduct data protection impact assessments and risk assessments together with our clients.
Data Security
Controllers and processors of personal data must implement appropriate technical and organisational measures (TOMs) to ensure adequate levels of security appropriate to risk (Art. 32 GDPR). For your company, we have direct access to efficient data security measures to ensure pseudonymisation, encryption, consistent confidentiality and evaluation measures.
GDPR Audits
Compliance audits are an essential part of effective compliance management. The GDPR prescribes that companies must design and implement technical and organisational measures (so-called TOMs) that ensure that the required levels of personal data protection are maintained. We eloquently interweave our core competencies of strategy, compliance and technology to best tailor according to your business needs.
,
EU GDPR Applicability Check
Answer the following short questions to check if the EU GDPR applies to your business and if you must appoint an EU (GDPR) representative.
Do you process personal data of individuals to:
a) Offer goods or services to individuals in the EU/EEA (regardless of whether payment is required)?
OR
b) Monitor their behaviour (if such behaviour occurs in the EU/EEA)?
If you answered „Yes“ to any of the above questions, then the EU GDPR applies to your business.
If you have answered "Yes" to any of the questions in part A, your business must comply with EU GDPR in respect of the personal data of EU/EEA residents used to offer goods or services or whose behaviour is monitored.
If you have answered „No“ to the above question, then you must appoint an EU GDPR Representative.
If you have answered "No" in the last question (in part B), your business requires to comply with EU GDPR in respect of the personal data of EU/EEA residents used to offer goods or services or whose behaviour is monitored and you require to appoint an EU (GDPR) representative that operates in the EEA member country, where the individuals, whose personal data is process or monitored, reside.
Data is a precious thing and will last longer than the systems themselves.
– Tim Berners-Lee
Headquarter Germany
R&D Centre Germany
North America
United Kingdom
South East Asia
