General Data Protection Regulation


Legal advice and assistance, in both advisory and contentious matters regarding the implementation of privacy regulations in compliance with the legislation, in particular the new EU General Data Protection Regulation (GDPR). The firm provides services such as assessment of regulatory compliance, proxies for data controller and data processor, drawing-up of contracts for the Data Protection Officer (DPO) and the data controller, privacy notice, consent form, specific issues related to the processing of personal sensitive data, data access requests and disputes before the Data Protection Authority.


Some representative experiences


  • Multinational pharmaceutical Company: audit regarding GDPR compliance and drawing-up of documents and contracts in compliance with the European legislation and in line with the group model.
  • E-commerce Company: analysis and advisory services regarding the processing of customers’ personal data though e-commerce web site, adequacy assessment of the company structure to comply with the major changes in the GDPR, review of documents, privacy organizational chart and contracts to appoint the data controller and the DPO.
  • Multinational company operating in the biomedical sector: advisory services to provide appointment , proxies and define responsibilities in compliance with the GDPR..
  • Company operating in the media and entertainment industry : legal assistance in the managing of privacy-related issues to create an international policy, compliance with the GDPR and compatibility with the existing policies, the processing of translators and consultants’ personal data, identify responsibility and people involved.
  • Multinational Company producing diagnostic instruments: advisory services regarding the processing of employees’ personal data and creation of an application, in the company-wide intranet, for job application or proposal to change job tasks, drawing-up of related documents, privacy notice, consent form of employees according to the national legislations of different Countries (Europe, US).
  • Multinational Insurance Group: advisory services regarding data processing issues related to insurance policy of a large supermarket chain and fidelity cards ; privacy notice for customers and overseas data processing, data processing related to customer profiling.
  • Manufacturing Company: opinion regarding the major changes in the GDPR, guidance on duties for the company, implementation of compliance program.
  • Multinational Group operating in the rubber industry/cables: advisory services regarding data processing in managing the information portal for human resources selection, collection of CV and applicants’ professional profiles, assistance in overseas data processing and drawing-up of privacy notice.
  • Transportation and Logistics Company: advisory services regarding installation of geolocation and tracking systems.
  • Consumer Retailer Company: advisory services regarding personal data processing, in particular, of suppliers, customers, and marketing related activities, review of privacy notice and consent form in compliance with the GDPR.
  • Online Insurance Company: legal advice and assistance regarding processing of data related to insurance quotes, overseas data processing, privacy notice for customers and drawing-up of related documents.
  • Railway Corporation: legal assistance before the Data Protection Authority in a dispute related to photographs taken by a customer and ongoing advisory services regarding the processing of employees’ personal data.
  • Bank Group: advisory work regarding processing of customers’ personal data related to transfer and acquisition of subsidiaries.
  • Manufacturing Corporation: legal advice and assistance regarding installation of CCTV, negotiation with Unions and drawing-up of the related minutes of settlement.
  • Prominent national Bank Group: legal assistance in the settlement procedure before the local Employment Office concerning the recording of phone orders by customers to bankers.