Solutions
From organisations' real needs to the solutions that resolve them.
Organisations come to data protection through concrete needs — a doubt about the obligation, a request from a data subject, a breach, a product launch. Each transformation need has a structured solution and the service that delivers it.
“We don't know whether we must appoint a DPO.”
A screening of the obligation under Article 37 GDPR and Article 34 LOPDGDD, with a documented conclusion.
“We have no record of processing activities.”
The construction of the Article 30 record and the data protection programme.
“We receive rights requests and claims and cannot handle them.”
Procedures and the DPO's intervention in claims prior to the AEPD (Art. 37 LOPDGDD).
“We had a breach and don't know whether to notify.”
A response procedure with the assessment and the 72-hour notification to the AEPD.
“We are launching a product or AI system that processes a lot of data.”
A Data Protection Impact Assessment under Article 35 GDPR.
“Our internal DPO is in a conflict of interests.”
An external DPO, independent and under a service contract, optionally certified under the AEPD-DPD Scheme.
“Our teams are not aware of data protection duties.”
Professional technical training and awareness programmes.