In this area we offer the following services:
Risk assessment and data protection impact assessment (DPIA) -> services include:
- carrying out a risk assessment and data protection impact assessment;
- verification of the assessments carried out in terms of the criteria resulting from the GDPR;
- preparing methodology (procedures) of risk assessment and data protection impact assessment.
Reaction to data breaches -> services include:
- support in identifying a data protection breach;
- risk assessment for breach notification and notification to the data subject;
- support with incident notification;
- preparation of the infringement reporting procedure; training employees in identifying and reporting incidents.
Handling requests of persons whose data is processed -> services include, among others:
- support in responding to requests from data subjects;
- assistance in determining the method of identity verification;
- verification of the legitimacy of the request made;
- verification of the prepared response before sending it to the data subject;
- verification of the process of handling the submitted request;
- developing a procedure for exercising the rights of data subjects.
GDPR training -> services include:
- cross-sectional training on GDPR (basic);
- specialized training, e.g. in risk analysis and impact assessment;
- training for management staff.
Good practice codes and certification -> the services include:
- support in the development of codes of conduct;
- verification of the developed code of conduct in terms of formal and content.