Data Protection (Personal and Non-Personal)
More SpecialtiesWe help clients ensure that their data processing activities comply with EU and national legal requirements, combining implementation experience with a practical approach to managing regulatory risk.
We conduct comprehensive implementation projects and compliance audits: mapping data processing activities, preparing records of processing activities, privacy notices, and data processing agreements. We also advise on adapting documentation and procedures to GDPR requirements.
We draft and negotiate agreements with data processors, including cross-border transfers, cloud service arrangements, and joint controllership agreements. We ensure contracts reflect real technological and business challenges.
We support controllers and processors in day-to-day matters - from handling data breaches and data subject requests to preparing for regulatory inspections and updating documentation.
We also advise on the use of non-personal data - industrial, research, and medical. We assist in classifying data and applying the rules of the Data Act, Data Governance Act, or European Health Data Space, enabling the safe development of data-driven projects.
We design privacy policies and user communication tools - for both B2C and B2B contexts. We prepare notices, marketing consents, and privacy policies that support transparency and build trust. We also organize training for IT, HR, marketing teams, and management boards, focusing on the practical application of regulations and strengthening staff competencies.
Through our comprehensive approach to personal and non-personal data, we enable clients to safely unlock the potential of data while reinforcing trust among users and business partners.