The European Union’s (EU) General Data Protection Regulation (GDPR) is designed to safeguard an individual’s right to personal data privacy, provide for a single set of data privacy rules across Europe, and enhance the flow of personal data between EU Member States. The GDPR imposes complex (and sometimes counterintuitive) privacy and data protection requirements and obligations that restrict when and how companies can process the personal data of individuals in the European Union. 

If your company is required to comply and fails to do so, you potentially face significant monetary penalties as well as reputational damage. Putting the necessary systems and processes in place may seem like an insurmountable regulatory challenge, but we can help. With decades of experience addressing global privacy issues, our Privacy & Cybersecurity team offers a proven, structured strategy to help your company achieve compliance. We have guided clients in a broad range of industries through designing and implementing the policies, systems and practices necessary to comply with the GDPR requirements.

Our flexible GDPR Compliance Assessment provides your business with an independent analysis to ensure that your data processing and security protocols and procedures adhere to GDPR requirements. The assessment is tailored to your business’s size, scope and needs to evaluate compliance with the GDPR obligations. Along with our findings, we provide specific advice and recommendations to address any issues identified as well as assist with questions that may arise.

GDPR Obligations:

  • Data inventory & mapping
  • Privacy notices
  • Consent & data processing
  • Designation of data protection officer
  • Request & access
  • Data portability
  • Data security & impact assessments
  • Data breach response
  • Cross-border transfers
  • Cloud computing & third party/vendor management