GDPR policies and pocedures

Accountability is one of the most important concepts introduced by GDPR. Accountable companies must have proper policies and procedures in place to ensure proper handling of personal data.

Proper policies and procedures help organisations to meet regulatory compliance obligations, reduce the risk of data breach, promote trust and confidence and make all subjects aware about data processing in the organisation.

ECOVIS ProventusLaw can:

Prepare the main document package for personal data processing:

  • privacy notice (external privacy policy). External document to customers, candidates to employees, website visitors and other data subjects that describes how the organisation collects, uses, shares, retains, etc. personal data.
  • internal data privacy policies and procedures that regulate how organisations processes personal data.
  • procedure for use of information and communication technologies.
  • procedure of data breach management and notification.
  • personnel’s and candidates’ personal data processing policy.
  • access control policy.
  • other internal instructions related to data protection.

Loreta Andziulytė

Lawyer, attorney at law, partner of the law firm, CIPP/E.

Contact person