Significant advancements in the field of information and communication technology and the growth in network interoperability such as the internet, global corporate networks and the cloud, have radically increased the ease which data may be collected, stored, transmitted, manipulated and disseminated. These developments have led to legislative changes and the emergence of a new regime of privacy protection. On the 25th May 2018, data protection law will change and the EU General Data Protection Regulation (“GDPR”) will take effect.
The regulations regarding data protection have expanded, imposing complex privacy and data protection requirements. First of all, let’s just say that the adoption of GDPR is mandatory. Consequently, should your organization be found inconsistent with GDPR, penalties can be expected such as the higher of 4% of the annual turnover or €20 million.
Regardless of the organization’s physical location, GDPR is applicable to all companies that hold and own personal data in the European Union. Even if your company is not in the EU, you will still have to comply with the GDPR.
We advise multinational companies and organizations on all aspects of data privacy, security and information management, including:
- Examination of the controls adopted as to the manner for collecting, processing, storing, retaining and destroying data and providing legal assistance for compliance.
• Assistance with analysing and implementing changes arising from the application of the EU General Data Protection Regulation (GDPR) and any privacy issues, disputes or questions of data protection law.
• Preparation and filing with the Data Protection Commissioner Office of various forms required for notification purposes or for the transfer of personal data to countries outside the European Economic Area (EEA).
• Internal organisational seminars about GDPR and its practical implementation within the company.
• Drafting or reviewing privacy policies, data Processing, disclosure and confidentiality Agreements.
• Issuance of legal opinions on data protection and electronic commerce issues.
• Legal advice regarding the processing of personal data in the employment context and health organizations and/or companies that are processing sensitive data.
• Assisting companies with establishing and maintaining data privacy and data security compliance such as data breach policies and procedures for reporting to the relevant Authorities on data security breach incidents.
• Advising on content issues, terms and conditions, relating to websites and providing mechanisms to comply with data protection Regulations.
• Electronic commerce issues, electronic signatures, direct marketing activities, the use of social media in business and any other data security considerations relating to personal mobile devices and installations of CCTV’S.
Feel free to have a look at our articles on How the new EU Data Protection Law will affect companies and learn everything about CCTV’S at your workplace.
Xenia Kasapi | Legal Consultant to Data Protection & Privacy Department
Xenia is the Head of our Data Protection & Privacy Department. Xenia was also the author of articles published in Mondaq, one of which was awarded and ranked as very popular in the topic of Data Protection Law.
Demetris Ioannou | Senior Assistant to Compliance Department
Demetris is a senior member of Totalserve’s compliance and AML team. Demetris also acts as the company’s Data Protection Officer.