GDPR Compliance Audit
The European Union’s new General Data Protection Regulation (GDPR), which became enforceable on 25 May 2018, has brought significant changes in data privacy, impacting every business operating within the European Union, from small- and medium-sized enterprises to large corporations and multinationals.
This new regulation unifies data privacy legislation across the whole territory of the EU and contains strict provisions regarding all data management which companies undertake, and most particularly data- and IT security issues.
Besides the new regulation itself, national legislation stills remains in force in member states with respect to certain specific areas, so simply complying with the provisions of the regulation will not suffice; you also need to ensure compliance with any amendments ratified to national data privacy legislation.
At Sár and Partners we have been closely monitoring the legal steps which need to be taken to ensure compliance with GDPR since the regulation entered into force and, through the numerous articles we have published and events we have attended, we have sought to take a very practical approach to the legal environment of the new data privacy legislation.
When it comes to GDPR, we firmly believe that truly competitive solutions and services can only be delivered by harmonising different areas of expertise to create a complex, integrated service, equipping clients with effective, proven responses to the technological, organisational, management, human resources and legal issues in a valuable, comprehensive toolkit.
Besides conducting comprehensive GDPR compliance and data privacy audits, our extensive experience in the legal issues impacting online services, online payment systems, and electronic- and mobile commerce means we are ideally suited to furnish corporate clients with targeted legal solutions to complex data privacy and e-commerce issues across a full spectrum of on- and offline operations.
OUR GDPR COMPLIANCE- AND E-COMMERCE-SPECIFIC AUDIT SERVICES PROVIDE YOU WITH
PHASE 1 – DUE DILIGENCE
We examine actual data privacy compliance with GDPR, assessing regulatory needs and any modifications required.
We examine actual compliance with e-commerce legislation, assessing regulatory needs and any modifications required.
PHASE 2 – IMPLEMENTATION
We prepare and revise regulations, contracts, and general terms and conditions of business to ensure compliance with GDPR.
We prepare general terms and conditions of contract for data privacy, data management and IT security as mandatory appendices to contracts.
PHASE 3 – EDUCATION
We design and deliver bespoke training for current staff and prepare training materials in the form of PowerPoint slides.
We prepare data privacy training materials for future recruits, and train GDPR compliance and e-commerce officers.
PHASE 4 – SUPPORT
We respond to and provide legal counselling with respect to any questions which may arise in the course of business operation. We revise outcome documents as required to reflect evolving judicial practice and subsequent legislative changes.