GDPR

In today’ s digital era, the General Data Protection Regulation (GDPR) sets out the rules for the data protection, giving EU citizens control over their personal data and imposing responsibilities on businesses.
We offer full & complete GDPR compliance of your organisation, or separately GDPR services, depending on your needs.

Indicatively:

• to inform and advise you and your employees about your GDPR obligations and data protection laws;
• to monitor GDPR compliance, including data protection management, training staff, conducting internal audits;
• to provide advice on data protection impact assessment (DPIA)
• to cooperate with the supervisory authority  for data protection
• to act as a contact point for individuals
• to consult on data protection issues and on a data breach or incident
• to keep the record of processing operations.

We can draft clear Privacy Policy for your business informing people about the processing of their personal data and their rights and thus securing transparency and compliance. If your business has a website, we can deliver a comprehensive Cookies Policy, namely a statement of how cookies are used, and a Cookies notice with options of cookies, which are mandatory for your website compliance.

We can deliver tailored-made Security Policy and Disaster Recovery and Contingency Plan for your business in consultation with IT experts optimizing security measures and data protection from threats.

We can help you apply data protection by design and by default, by embedding the data protection principles in your processing activities and adapting or redrafting contracts and/or procedures, securing that, by default, only personal data which is necessary is processed.

For high-risk processing we can carry out a Data Protection Impact Assessment (DPIA) to identify security gaps and set appropriate safeguards to mitigate the risks helping you thus demonstrate compliance.

We can make and/or keep a record of the processing activities of your organisation, giving you thus an overview of your data flow and ensuring GDPR compliance.

We can draft a Data Processing Agreement (contract) for the organisations or people that assist you with the processing of personal data, either the data is processed in the EU or transferred out of the EU, respecting standard contractual clauses in the last case.

• document of any personal data breaches
• notify the Data Protection Authority, when there is a risk, and
• inform affected individuals, where the breach is likely to result in a high risk for them.

Our professionals are experts in data protection with years of experience and can offer training seminars to your staff tailored to your needs of your company. Many of them are organized with certified training centers and may be subsidised by Cyprus Human Resources Development Authority (HRDA).

We can also check your systems for GDPR compliance and/or cybersecurity protection and deliver specific solutions in cooperation with our IT partner SHELT GLOBAL LTD, which is globally GDPR and ISO/IEC 27001:2022 certified.

You can contact us for any queries you may have about data protection, and we will give you information on the specific topic or issue you have.