Today, personal data are a fundamental asset value for the individual to which they refer, as well as for professionals and companies that process them as part of their business.
The clear vision of the risks deriving from an inefficient management of such data (data breaches, etc.) - allows EXP Legal to effectively protect the interests of the clients, both as data controllers, as data processor or interested parties, in order to avoid them significant economic and reputational damage deriving from illicit, inappropriate, disproportionate and non-transparent process.
Our focus on “planning” and the consequent maximum attention in all moments of the collection, storage and processing of personal data, allows us to provide a complete risk assessment and management analysis, based on compliance with principles and rules of EU Regulation 2016/679 ("GDPR"), of the national adaptation rules and of the soft law provisions issued by the Data Protection Authority of personal data.
- Drafting of company policies
- Carrying out DPO assignments (pursuant to Article 37 of the GDPR)
- Drafting of documents for the appointment of the data processo
- Drafting of other relevant documents, such as: records of processing activities, data breach management procedure, data subject rights management procedure, "Data Protection by Design and by Default" procedure, data protection impact assessment (DPIA)
- Compliance with the legislation on the protection of personal data and cookies
- Advice on the processing of personal data in the context of social networks
- Assistance in proceedings before the Data Protection Authority
- Assistance with reference to requests for data communications by independent authorities
- Advice in relation to privacy issues relating to e-commerce activities
- Advice in defining strategies for data transfers abroad