Adaptation to the GDPR
Our digital consulting services cover the adaptation to our clients’ GDPR and other local regulations, as well as the maintenance of their privacy system. With Certus’ digital legal advice, you can rest assured of the following:
- adaptation of internal documentation that allows proper management of personal data in the company;
- preparation of information clauses for effective compliance with the duty to inform;
- analysis of the website and preparation of legal texts, with recommendations for its adaptation to the applicable regulations (LSSI, GDPR);
- drafting of contracts for the structuring of legal relationships with third parties;
- development of internal policies and procedures;
- carrying out a risk analysis of the processing of personal data, as well as the identification and adoption of security measures to guarantee a correct level of security to guarantee the confidentiality, integrity, and availability of personal data;
- legal defense in sanctioning or inspection procedures, as well as the resolution of conflicts;
- application of Whistleblowing programs;
- audit management;
- advice on online marketing, specializing in Adtech.
- the organization of training programs.
Data Protection Officer (DPO)
The Data Protection Officer (DPO) is a new figure introduced by the GDPR, in charge of ensuring compliance with data protection regulations in the company. Certus digital consultancy experts provide you with the DPO outsourcing service. A personalized model that adapts to the characteristics of your organization to ensure the correct treatment of the company’s liability information. The DPO functions that you can outsource with Certus are:
- inform and advise the company and the employees involved in the processing of data;
- monitor compliance with EU or Member State data protection regulations;
- report on the design stage of new products or services (Privacy by Design)
- design and implement procedures for the management of security breaches and attention to the rights of the interested parties;
- act as a point of contact with the Spanish Data Protection Agency (AEPD);
- raise awareness and regularly train staff on data protection and information security;
- carry out risk analysis and data protection impact assessments (DPIAs);
- solve queries and attend to the exercise of the rights of the interested parties, as well as legally defend in sanctioning or inspection procedures.