Data protection & integrity
What obligations do you have according to the General Data Protection Regulation (GDPR)? What personal data can you process? Do you need to enter DPAs with suppliers? Can you transfer personal data outside of the EU/EEA? How do you handle an individual’s request to get its personal data deleted? What is required of you when you detect a personal data breach? Do you have enough documentation to support your personal data processing?
Data protection and integrity issues are becoming increasingly important in today’s information society with data as the new gold. Through the GDPR and related data protection laws, the protection of individuals’ personal data has been strengthened while the obligations of companies, authorities, and others who process personal data have increased.
Wistrand provides advice to various businesses and industries on all issues relating to data protection and integrity. Our clients range from Swedish and international groups to startup companies.
We provide advice in areas such as:
- Compliance issues and GDPR audits
- Legal basis, e.g legitimate interest and consent
- Information to data subjects, e.g personal data policy, cookie policy and consent clauses
- Routines for managing data subjects’ rights
- Records of processing activities
- Data processing agreements (DPAs)
- Other agreements, e.g. joint data controller agreements, GDPR clauses, and data sharing agreements
- Routines for deletion of personal data
- Personal data breaches
- Data protection impact assessments (DPIA) and prior consultations
- Codes of conduct and certification
- Transfers to third countries
- Supervisory matters
- Dispute resolution