In this area we offer the following services:

Risk assessment and data protection impact assessment (DPIA) -> services include:

• carrying out a risk assessment and data protection impact assessment;
• verification of the assessments carried out in terms of the criteria resulting from the GDPR;
• preparing methodology (procedures) of risk assessment and data protection impact assessment.

Reaction to data breaches -> services include:

• support in identifying a data protection breach;
• risk assessment for breach notification and notification to the data subject;
• support with incident notification;
• preparation of the infringement reporting procedure; training employees in identifying and reporting incidents.

Handling requests of persons whose data is processed -> services include, among others:

• support in responding to requests from data subjects;
• assistance in determining the method of identity verification;
• verification of the legitimacy of the request made;
• verification of the prepared response before sending it to the data subject;
• verification of the process of handling the submitted request;
• developing a procedure for exercising the rights of data subjects.

GDPR training -> services include:

• cross-sectional training on GDPR (basic);
• specialized training, e.g. in risk analysis and impact assessment;
• training for management staff.

Good practice codes and certification -> the services include:

• support in the development of codes of conduct;
• verification of the developed code of conduct in terms of formal and content.