logo of privacyspec

Data Protection Advisory and Consultations

by

Advisory and consultations services are tailored to help professionals and subject matter experts to make sure their projects are in compliance with data protection requirements.

How do we engage our clients? As a principle, clients have access to consultations in their own environments, whether it be Teams, Slack or other solutions.

Why to use external services? While not suitable in all cases, as an external service provider we have more in-depth knowledge of data protection and how to implement actions necessary to satisfy client´s risk appetite. Usually, clients choose us as an external consultant because:

  • Data protection related input is necessary in a fixed timeframe
  • Using the service when needed will allow flexibility for project and budget management
  • Direct access for the whole team, eliminating any middle men for communications

Check the comparison of inhouse vs external advisor here. Fair to note that we do not usually replace the internal advisory or lawyer and in best use cases we work together, combining our strengths and reaching the target seamlessly. Read common consultation topics below and reach out us.

LEGAL

Commonly we advise lawyers and other legal professionals on:

  • Data Protection Agreements
  • Internal policies
  • External documents, agreements and notices
  • Contractual obligations regarding personal data
  • NDAs
  • Obligations of data protection officer
  • Governance of data protection matters
  • Internal processes regarding data protection
  • Internal processes regarding contract management
  • Incident management
  • 3rd party management

Human Resources (HR)

Consultation topics for HR professionals include:

  • Recruitment process and personal data
  • Employee onboarding and offboarding
  • Employee personal data
  • Internal policies
  • HR software GDPR compliance
  • Employee tracking and evaluations
  • Employee personal data retention
  • Background checks and personal data

Consumer Finance

Our expertise in finance includes:

  • Customer data life cycle
  • Source of data and data accuracy
  • Creditworthiness assessments
  • External data sources
  • AML and personal data (beneficial owners, data sources, retention)
  • Fraud prevention and personal data
  • Access and Data disclosure to 3rd parties
  • Data retention
  • Operations on customer data, including analytics and business development
  • Data warehouse and data protection matters

Healthcare

Healthcare and data protection often revolve around:

  • Personal data of the patient and data life cycle
  • Access to personal data during provision of medical services
  • Systems used to store, share and work with personal data
  • Scientific research on medical data

Education

We advise professionals in education field on:

  • Personal data of students
  • Systems and environments used in education
  • Data retention
  • Data access
  • Consents of students
  • Privacy of students

IT / CISO

We work with our partners IT related matters such as:

  • Internal policies
  • Appropriate technical security requirements
  • Data retention
  • Software development and privacy requirements
  • Role of CISO and common data protection related questions from the organization
  • Information Asset Mapping
  • IAM
  • Incident Management
  • 3rd party management