Data protection officer

(Art. 37 GDPR)

Data Protection Officer (DPO) play a key role in your organization`s data protection governance structure. Persons authorized by us are highly qualified professionals with many years of experience with auditing informational systems and assessing risks. They are trained in both national and European law of data protection and its application in practice.
Try now free consulting

The responsible person is also obliged

to monitor compliance with the Regulation and the Law within and outside the EU

to propose consents to the processing of personal data for the persons concerned, if the data processing is not performed by the Controller on another legal basis pursuant to Article 6 para. 1 of the Regulation

perform risk analysis of information systems from the point of view of information security

develop technical, organizational and personnel measures

participate in inspections carried out by the Office

supervise the cross-border flow of personal data

assess the impacts on information systems

in cases stipulated by the Regulation and / or the Act, to report the personal data breach to the Office and, if necessary, to the persons concerned, without delay, as soon as they become aware of such a breach, but no later than within 72 hours

f) propose instructions for authorized persons and the scope of permitted activities for a specific system

examine incident reports and respond to suggestions from those concerned

perform customer audits at intermediaries

perform other tasks of the responsible person stipulated by the Regulation, the Act and / or this Contract

The Data Protection Officer also oversees the correct and continuous fulfilment of the operator's basic obligations, ensures the instruction of authorised persons, deals with requests from the concerned persons about their rights, comprehensively provides safety measures and their updates, oversees the selection of providers and "monitors" the relationship with the provider even during the contractual relationship, oversees cross-border flow of personal data and addresses the personal data information system registrations agenda.
Take advantage of the possibility of external performance of the data protection officer function. Group Undertaking („Group Undertaking“ any holding company together with its subsidiary) can designate one data protection officer if it is easily accessible from each establishment

Our services


Data Protection
Impact Assessment

(Art. 35 GDPR)

Data Protection Impact (DPIA) is required for systematic personal data processing, which is based on automated data processing, processing of specific categories of personal data in large quantities and systematic monitoring publicly accessible places in large scale.


Development of Data
Processing Agreements

(Art. 28 GDPR)

Processing by a processor shall be governed by a contract or other legal act under Union or Member State law, that is binding on the processor with regard to the controller and that sets out the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller.


In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority.

We will provide:
  • cooperation in case of handling an incident and proposing adequate measures
  • processing a notice of personal data breach for the Office for Personal Data Protection
  • processing a notice of personal data breach for data subjects
  • cooperation with the Office for Personal Data Protection

We will design:
  • internal procedures that provide general principles and responses to a violation of privacy (data breach)
fa fa-area-chart
Clients in EU
fa fa-user
Data protection officer
fas fa-globe-europe
We are in countries