With our own professional team and we will provide you with all-inclusive service of a data protection officer who is fully qualified to perform such role under the conditions laid down in Article 37 of GDPR. Under the Regulation, controllers are required to mandate a data protection officer. However, controllers who do not meet such conditions may decide to designate a data protection officer.
Such an analysis of the state of personal data protection with respect to GDPR is essential in order for processes to be set correctly. Based on a thorough analysis we will be able to:
After the initial analysis, it is necessary to prepare all documents and forms defining all flows of personal data and processes designed to ensure the protection of personal data. The documentation shall include the following:
Implementing GDPR, which we consider one of the most important activities in the provision of our services. We will help you put the analysis and all the documents into practice. Setting up the protection of personal data is not just writing down the steps on paper, but mainly configuring the personal data protection system by adoption of certain security measures within the framework of:
Personal data protection spans across a broad range of issues and advances constantly. Regular advice served by the data protection officer will take away the burden from you to watch out for updates of new guidelines and revision of laws. Your assigned data protection officer will monitor all changes in the area of personal data protection and prepare the necessary forms accordingly, and keep you informed about current events in the area of personal data protection. The data protection officer will also perform periodic inspections and training activities in your organisation at agreed intervals to prevent any potential errors in the processing of personal data.
Choosing the right and reliable advisor is always a great help in improving yourself. Above all, consulting in the field of law is extremely broad-spectrum and affects almost all areas of the life of entrepreneurs and individuals, therefore the choice of a legal advisor is extremely important. In the law office Hronček & Partners, s. r. o. we pay attention to professionalism and high quality legal services with an individual approach. Our main goal is to provide legal services of the highest quality and to bring innovative and professional solutions for the client so that we become their trusted partner.
Preparation of a new, tailor-made, basic Controller's Security Documentation, updated according to the current legislation, available decision-making and interpretation practice of the authority (internal regulations intended for the protection of personal data)
Processing of data protection impact assessment (DPIA) documentation pursuant to Art. 35 of the GDPR regulation, which is special documentation that the operator is obliged to process only if the legal prerequisites are met (e.g. large-scale processing of special categories of personal data, systematic monitoring of public spaces on a large scale, processing of biometric data and others).
Analysis of the processes in the processing of personal data at the customer processing personal data (mapping of purposes, processing of personal data, legal bases, security management, information security, physical security and object security, intermediary contracts, business conditions, regime measures, personnel and administrative security), which will be carried out on the basis of a personal consultation. The analysis shall include proposals for the security of personal data and proposals for the necessary measures to be taken and implemented by the Customer to bring the processing of personal data in line with the GDPR and the law.
Setting up a cookies on websites in accordance with the amendment to the Electronic Communications Act and the GDPR regulation. We still encounter incorrect technical settings, settings of banners and information bars or information obligations.
The training is focused on the legitimacy of personal data processing as well as the security of personal data. If interested, we can provide training aimed directly at the given professional group.
The topic of personal data protection does not only concern the GDPR regulation and the Personal Data Protection Act. When setting up individual processes and processing activities, it is also necessary to follow national legislation regulating the specific areas of activity of individual operators (e.g. crowdfunding, provision of installments and loans, etc.).
Information security is a solution for securing information systems, information and access to data. The information security management system is evolving with respect to the culture, processes, technologies and requirements of your company / organization. ISO / IEC 27000 standards are a recognized standard in this area to help ensure that your information security policy is appropriate.
Under the Act no. 69/2018 Coll. on Cybersecurity and on Amendments to Certain Acts, an operator of essential services is required to introduce security measures, and is also obliged to verify the effectiveness of the security measures and compliance with the requirements established by this Act. An operator of an essential service is anyone who meets at least one sector-specific criterion and one impact criterion.
The subject of the service is the processing of documents pursuant to Act No. 215/2004 Coll. and the relevant decrees of the NSA (National Security Authority), the purpose of which is to ensure the processing of documentation that must be submitted to the National Security Authority in order to obtain an industrial security certificate for the classification level Restricted or Confidential (familiarisation with classified information, hereinafter referred to as the “CI”, storage of the CI in a protected area or together with the documentation for a technical means and the CI processing through a technical means).
We also carry out the security settings of the technical means (e.g. PC) according to the recommendations of the NSU -specified for your company, we will set up your technical means for the needs of certification.