Data Protection
We manage your web privacy: Guaranteed Compliance with the GDPR
Ensuring compliance with the GDPR
Web privacy has become a crucial element for good business development. In our consultancy, PKF Attest, we empower and guide our clients to comply with data protection laws in their organizations. We offer specific, guided and practical advice to achieve compliance under the GDPR and to maintain it through any updates.
At PKF Attest, we ensure compliance and collaborate with companies to comply with current privacy regulations, including the General Data Protection Regulation (GDPR) and the Organic Law on Data Protection and Guarantee of Digital Rights (LOPDGDD).
Discover our Data Protection services. Protect your company!
Legal compliance consulting
GDPR-LOPDGDD Consulting
Audit of data protection regulations
GDPR-LOPDGDD Audit
Annual Data Protection Support
Follow-up of GDPR-LOPDGDD
External DPO service or support to the internal DPO
What is a DPO?
Advise and establish a privacy management system and provide evidence of proactive responsibility for GDPR compliance.
- Register of Processing Activities.
- Information clauses
- Contracts and clauses for processing orders
- Incident management procedures.
- Risk analysis report
- Presentation of results
Establish collaboration to carry out an audit of compliance with European regulations on Personal Data Protection.
- Verification of the system's current documentation.
- Internal Audit: Visit to the facilities.
- Preparation of the Audit Report.
- Identification of deficiencies, risks and non-compliance
- Preparation of the Action Plan.
- Improvement proposals.
Maintain the privacy management system and provide evidence of proactive responsibility through reviews based on the GDPR.
- Update of the Register of Processing Activities (RAT).
- Review and update of the Privacy Manual.
- Support in risk analysis.
- Improvement plans and awareness and training actions.
- Attention to consultations on the application of the regulations to specific cases of the organization.
In this area we offer services so that the following functions of an outsourced or internal DPO (Data Protection Officer) can be fulfilled:
- Information and Advice function.
- Function of supervision of regulatory compliance.
- Function of cooperation and liaison with the supervisory authority.
- Function of attention to the interested parties.
Privacy Impact Assessments
Data Protection Impact Assessment (EIPD) Service
GDPR Situation Diagnosis Service
Data Protection Training
Conduct a PIA to pre-assess data processing risks.
- Register of Processing Activities.
- Informative clauses
- Contracts and clauses of processing orders
- Incident management procedures, attention to rights to be implemented in the organization.
- Risk analysis report
- Presentation of results
Reference: EIPD Guide of the Spanish Data Protection Agency.
Review the data protection system by analyzing:
- Processing activity
- Review of lawfulness, transparency, legitimacy...
- Compliance with the duty to provide information.
- Contracts with third parties.
- Review of the exercise of rights.
- Management of security breaches.
- Internal security policies.
- Documentation in force.
- Internal Audit.
- Identification of deficiencies.
- Preparation of the Action Plan.
- Improvement proposals.
Provide training to data handlers so that they learn the processes and:
- Minimize the risk of infringement
- Manage risk situations
- Share and consult with advisors on guidelines for action in the event of incidents or requests for data.
- Review and update the ARP.
- Review and update the Privacy Manual.
- Provide support in risk analysis.
- Create improvement and awareness plans.
- Answer queries on the application of the regulation.
Ensure the security and compliance of your data!
We implement robust data policies and comply with current regulations to protect your customers' confidentiality and avoid legal risks!
What is Data Protection?
RGPD, GDPR or Data Protection Law
Data Protection is a set of rules related to the processing of personal data by companies, organizations, institutions, public administrations, etc., responsible for the processing. These rules generate a series of rights that individuals can exercise and a series of obligations that data controllers must comply with. Whoever does not comply may be inspected by a supervisory authority (Data Protection Agencies) and be sanctioned with fines.
Data protection is regulated in the Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) and in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR).
GDPR Compliance: Dealing with data securely
We help you with Data Protection compliance!
The first element to be taken into account for compliance is that the data controller must identify which processing operations it has and create a file for each of these processing operations according to the content established in Art. 30 of the GDPR.
We provide you with an updated "Privacy Manual" containing the compliance obligations issued by the different supervisory authorities, together with guidelines and legal reports.
What are the obligations of a data controller?
Adherence to legal principles
- Principle of "legality, transparency and loyalty".
- Principle of "finality".
- Principle of "data minimization".
- Principle of "accuracy".
- Principle of "limitation of the conservation period".
- Principle of "safety".
- Principle of "active liability" or "proven liability".
Have evidence of compliance
- Right of information to those affected.
- Attention to rights applications.
- Establish legal links with data processors.
- Have guarantees for international data transfers.
- Assess risks related to the rights and freedoms of those affected.
- Conduct an Impact Assessment in case of high risk.
- Assign a Data Protection Officer when applicable.
- Maintain data security.
GDPR News
In this space dedicated to data protection and the GDPR, we answer questions about data protection, discuss new regulations and how they could affect your company, and report on changes and compliance.