Creating a set of external documents: Privacy Notice, Cookies Policy (+ Cookie Pop-up)
Creating an Internal “User Request” response policy
Preparing and signing Data Transfer Agreements and Data Processing Agreements between the company and each data processor (for example developers in another country, hosting providers, etc.)
Creating a complete set of internal policies for the company regarding its processes and bringing such processes into compliance with these policies (including compliance with technical requirements, the appointment of responsible people in the company in order to carry out the processes related to Personal Data Protection)
Make express preparation for the GDPR, in order to gain the opportunity to cooperate with a large partner company
TASK:
Understand how to bring the company into compliance in a short time, sufficient to start working with a partner, while making a plan for long-term and reliable preparation of the company for full compliance with the regulations
Stages of Work:
01
/ 13
Understanding the company's business model
02
/ 13
Delve into the pocesses of the current state of affairs on the processing of personal data
03
/ 13
Fill out the necessary audit questionnaires together with the client
04
/ 13
Make a plan for irgent and non-urgent alignment of the company
05
/ 13
Communication with the team. Familiarization of the client's team with the basic principles of data processing in accordance with the GDPR and the EU Convention on Human Rights
06
/ 13
Preparation of audit results and approval of action plans
07
/ 13
Getting started
08
/ 13
Compilation of all internal policies
09
/ 13
Internal training of the client's company employees
10
/ 13
Implementing policies in practice, changing processes
11
/ 13
Training employees in case of data emergencies
12
/ 13
Building a plan for the long-term maintenance of the company in accordance
13
/ 13
Making changes to the company's external materials: Website, application, service, platform, personal account, etc
Results:
The company has solved its business problems
The company has a clear long-term plan for implementing GDPR requirements
The company has approved internal documents and procedures, so that it can demonstrate its compliance with the GDPR regulations
It is easier for a company to get ISO certification
The company is prepared to work with large and partner companies
Employees are trained in how to process user data
The company's internal processes have been changed in accordance with international rules and standards for the processing of personal data, which automatically means compliance not only with GDPR, but also with the laws of most similar laws in other jurisdictions
We know how the online business works from inside out
We are an integral part of your team when entering the EU and US markets
It is important for us to solve your business task, and not to impose a legal solution
We have experience in handling legal disputes on behalf of the client on US and EU markets
What Clients Say About our Work
Avitar has been supporting our company Softcube since 2018. All this time, their advice was professional, comprehensive, and accurate. Avitar team has excellent expertise in GDPR and copyright law. It is a pleasure to work with them
Oleg Lesov, CEO Softcube
Efficient and effective. Our team has spent min time for explaining our needs and we received tailored and prompt work result. Highly recommend
Dmitry Budorin, CEO Hacken
They're very good in GDPR compliance and user agreements. Our Bookimed team mates are satisfied dealing with Avitar
Evgeniy Khotyanov, CEO Bookimed
The guys are very cool! Minimum of violence against the client, maximum result. In case they are not capable of doing the job, they will find who will - and this is very valuable. Highly recommended!
Nikita Fursov, Founder at 1Dea.me
Developed documents for a web platform that works in the US and Ukraine. Everything is high quality. We will contact more!
Arthur Kritsak, Founder of InReepublic
Before meeting the guys, their recommendations. In my view, the development and scaling of the business was, it was necessary to rush, and then we will deal with putting in order the processes and documents
Eugene Kuzmin, CEO MORZA.co
FAQ
Is GDPR a technical or legal issue?
Which business is 100% not covered by the GDPR?
Why should I contact lawyers? I believe that I myself can determine if I need a GDPR
I have a personal data processing policy on my site. It's enough?
How long does it take to bring your business to GDPR?