Analysis of the client’s conformity with the data privacy regulations and proposal of corrections and steps plan.
Support with the implementation of data privacy regulations and maintenance of compliance, including:
Mapping the transit of personal data within the organization
Assessment of the existing personal data inventory, to define the excessive personal data and its elimination
Definition of the legal basis for each personal data processing operation
Analysis and definition of the personal data retention periods, according to the legal and regulatory requirements
Elaboration of policies, like Privacy Policy, Data Retention and Elimination Policy, Policy of Clean Table and Screen, Information Security Policy, etc.
Elaboration of Consent Form
Adaptation of the in-house and outside documents, including amendments to existing contracts to establish data protection-related obligations
Critical evaluation of the processing operations that require a higher level of attention and elaboration of the Data Protection Impact Assessment (DIPA)
Conduction of training and awareness campaign, with periodic retraining
