Data Protection

In an era of technology, where the speed of development is increasing day by day, we focus on ensuring that our clients maximize their data value and acquire their business objectives and growth, while staying compliant with EU and national data privacy requirements thus, mitigating regulatory and litigation risks.

Our aim is to help our clients make the most of their data, by combining our outstanding expertise on complex technical and regulatory issues with the most effective and innovative legal solutions, tailored on their specific business practices.

Based on a profound knowledge of the market and a noteworthy experience, we deal with the complete spectrum of legal matters relating to IT and privacy field. Hence, our professionals are ready to assist you in achieving your commercial goals, by providing a focused, complete and multidisciplinary assistance on a wide range of matters, including:

  • compliance with EU and local data protection laws and regulations (a complete GDPR implementation process, comprising data flow mapping, internal controls and audits, gap analysis, risk assessments, LIA, DPIA etc.);
  • preparation of documents (information notices, consent forms, privacy and security policies etc.) and aligning the group policies to the local data protection legislation;
  • drafting and revision of data processing agreements, based on a prior assessment of the commercial relationship between the parties (controller-processor, joint controllers, independent controllers);
  • preparation or updating the T&Cs of websites, advertising and promotional campaigns, prize competitions and mobile applications;
  • employment and human resources management activities, whistleblowing procedures and anti-corruption investigations, use of electronic equipment and “bring your own device”;
  • cross-border data transfers;
  • profiling and processing of personal data for marketing purposes and commercial communications;
  • security incidents (data breach, data theft) management and reporting;
  • outsourcing projects, database creation, sharing and transfer of personal data in case of national and cross-border business transfers or mergers and acquisitions;
  • core activities and legal opinions on various data protection matters;
  • preparing and managing responses to data subjects’ requests, as well as providing assistance on submitting inquiries and/or complaints regarding the processing of personal data to data controllers and/or the supervisory authority;
  • training activities and updates on protection of personal data and current legislation;
  • cookie policies and consent rules for websites;
  • due diligence reports.

Additionally, we offer our clients full legal support and representation in complaints, claims, inspection and verification procedures undertaken by the National Supervisory Authority for the Processing of Personal Data, fulfilling notification formalities, as well as obtaining official points of view on varied projects involving data processing activities.