Personal data protection is not a formality — it is a commitment to the people whose data you process. I work with private and public organisations to turn the requirements of Regulation (EU) 2016/679 into everyday practice.
Services
- Outsourced DPO — taking on the data protection officer role, including the necessary legal and technical support, in partnership with specialised law firms.
- GDPR compliance assessments — processing audits, records of processing activities (ROPA), risk analyses and remediation plans.
- Data protection impact assessments (DPIA) — for high-risk processing, including new technologies and monitoring.
- Data breach management — assessment, documentation and notification to the supervisory authority and data subjects, from both a legal and a technical perspective.
- Policies and procedures — privacy policies, data subject rights procedures, contractual clauses with processors.
- Employee training — practical awareness sessions tailored to each department.
How I work
GDPR implementation is a team effort. Compliance is not negotiable — but the road to it is built together with management and employees, step by step, with measures proportionate to the real risks.
Get in touch for an initial conversation.