GDPR policies and pocedures

Accountability is one of the most important concepts introduced by GDPR. Accountable companies need to have proper policies and procedures in place to ensure proper handling of personal data.

Having proper policies and procedures help organisations to meet regulatory compliance obligations, reduces the risk of data breach, promotes trust and confidence and makes all subjects aware how the data is handled at the organisation.

ECOVIS ProventusLaw can:

Prepare the main document package for personal data handling:

  • Privacy notice (external privacy policy). External document to customers, candidates to employees, website visitors and other data subjects that describes how the organisation collects, uses, shares, retains, etc. personal data.
  • Internal data privacy policies and procedures that regulate how organization handles personal data.
  • Procedure for the use of information and communication technologies.
  • Procedure of data breach management and notification.
  • Personnel and candidates‘ personal data processing policy.
  • Access control policy.
  • Other internal instructions related to data protection.

Loreta Andziulytė

Lawyer, attorney at law, partner of the law firm, CIPP/E.

Contact person