04 — Data Protection

GDPR & Data Protection

GDPR compliance is not a paper formality — it is protection for your business against fines of up to EUR 20 million. We provide comprehensive documentation, the DPO function and long-term compliance.

  • Regulation: GDPR (EU) 2016/679
  • DPO Function: External data protection officer
  • Act No. 18/2018: Slovak legislation

What's Included

Complete GDPR Compliance from A to Z

We cover the full scope of obligations arising from GDPR and Act No. 18/2018 Coll. — from the initial audit to long-term documentation management and representation before the supervisory authority.

GDPR Compliance Audit
Comprehensive audit of current personal data processing practices and identification of gaps against Regulation 2016/679 and Act No. 18/2018 Coll.
Records of Processing Activities (ROPA)
Preparation and maintenance of processing activity records under Article 30 GDPR for all personal data processed by the organisation.
Information Obligations (Privacy Notices)
Creating transparent information notices for customers, employees, website visitors and other data subjects.
Data Protection Impact Assessment (DPIA)
DPIA for high-risk processing operations — mandatory for certain types of processing activities.
DPO Function
External performance of the Data Protection Officer role — advisory, communication with the supervisory authority and employees, compliance monitoring.
Data Processing Agreements (DPA)
Drafting and reviewing data processing agreements with all suppliers and processors under Article 28 GDPR.
Internal Policies & Procedures
Creating internal data protection regulations — policy, employee guidelines, rules for HR and marketing teams.
Breach Notification Procedures
Setting up processes for personal data breaches — reporting to the supervisory authority within 72 hours and notifying affected data subjects.
Data Subject Rights
Implementing processes for handling access, erasure, rectification, portability and objection requests.
Employee Training
Regular GDPR training for all employees — including online format and records of completed training sessions.
Representation before the DPA
Communication with the supervisory authority during inspections, incident reports and DPO registration.
Periodic Reviews
Regular documentation updates, monitoring legislative changes and an annual report on the organisation's GDPR compliance status.
Who It's For

Who Needs GDPR Compliance

  • Every company processing personal data of individuals — without exception
  • E-shops, marketing agencies and companies with CRM systems and customer databases
  • HR departments processing employee, candidate and supplier data
  • Healthcare facilities processing sensitive patient health data
  • Financial institutions subject to both GDPR and DORA regulations
  • Organisations required to appoint a Data Protection Officer (DPO) under GDPR
Problems We Solve

Risks of Non-Compliance with GDPR

  • Supervisory authority fines — up to EUR 20M or 4% of annual global turnover
  • Reputational damage upon disclosure of a customer data breach
  • Data subject complaints and legal proceedings for unlawful processing
  • Violation of employee rights through improper HR data management
  • Missing documentation during a supervisory authority inspection
  • Supplier contracts lacking mandatory data processing clauses
Legal Framework

Legal Basis for Data Protection

Our work is grounded in current European and Slovak data protection legislation, tightly linking the legal and technical dimensions of compliance.

GDPR
Regulation (EU) 2016/679
The General Data Protection Regulation — the primary legal basis. In force since 25 May 2018 and applies to every organisation processing data of individuals in the EU.
18/2018
Act No. 18/2018 Coll.
Slovak Act on Personal Data Protection — implements GDPR into Slovak law and sets out the competences of the Slovak Data Protection Authority (ÚOOÚ SR).
ÚOOÚ
Slovak Supervisory Authority
The Office for Personal Data Protection of the Slovak Republic — the national supervisory authority with power to impose sanctions, conduct inspections and handle complaints.

Achieve GDPR Compliance Without Stress

Contact us for a free consultation. We will audit your current state and create a roadmap for achieving and maintaining GDPR compliance.