Through our own team of experts, we will provide you with a comprehensive service of a responsible person who is fully qualified to perform this function based on the conditions set out in Article 37 of the GDPR. The appointment of a responsible person has been made mandatory by the regulation for controllers.
Services of the person responsible for personal data protection
On demand
The price is quoted without VAT and may be increased depending on the scope of work performed and the extent of personal data processing.
An analysis of the state of personal data protection and identification of all operations concerning personal data.
Such an analysis of the state of personal data protection with respect to GDPR is essential in order for processes to be set correctly. Based on a thorough analysis we will be able to:
- map the flow of personal data and define all operations performed upon personal data,
- define third parties to whom personal data is provided (under a contract or under a legal obligation).
- identify the categories of personal data you handle (normal personal data or sensitive personal data),
- determine whether you have adequate personal data protection in place in terms of security of personnel, buildings/facilities, and IT.
Developing a full set of all necessary documents to ensure compliance with GDPR
After the initial analysis, it is necessary to prepare all documents and forms defining all flows of personal data and processes designed to ensure the protection of personal data. The documentation shall include the following:
- Risk Analysis that contains a quantification of all possible threats and impacts on personal data processing.
- Security Policy that describes the basic safety precautions necessary to maintain the integrity of personal data.
- Guidelines that serve to guide people who work with personal data, containing a description of procedures to handle personal data or to act in different situations, when providing information to data subjects or in the event of security incidents.
- Processing contracts for processors, which are used to ensure the protection of personal data when providing data for processing to another controller. These model contracts are prepared separately for each processor, based on the type of service that the processor renders to the controller.
- Information obligation for you to inform all data subjects of which personal data concerning them you process, to whom you provide the data, and of the rights of the data subjects.
- All necessary forms – consents, authorisations, records, etc. These documents are tailored for each client depending on the purpose and processing of personal data.
Implementing GDPR
Implementing GDPR, which we consider one of the most important activities in the provision of our services. We will help you put the analysis and all the documents into practice. Setting up the protection of personal data is not just writing down the steps on paper, but mainly configuring the personal data protection system by adoption of certain security measures within the framework of:
- Building security – we can help you with designing a solution to improve the protection of personal data exactly for the categories the processed data (payroll, accounting, medical records, video surveillance system, registry etc.),
- Personnel Security – we will train all your employees on how to proceed with the processing of personal data, how to protect such data and how to prevent security incidents, or on the proper procedures in collecting and providing information on the processing of personal data,
- IT security – we will help you with the design of safety measures in cyberspace and educate authorised persons in the field of social engineering so that personal data of data subjects are protected in this area, too.
Regular care, advice, consulting
Personal data protection spans across a broad range of issues and advances constantly. Regular advice served by the data protection officer will take away the burden from you to watch out for updates of new guidelines and revision of laws. Your assigned data protection officer will monitor all changes in the area of personal data protection and prepare the necessary forms accordingly, and keep you informed about current events in the area of personal data protection. The data protection officer will also perform periodic inspections and training activities in your organisation at agreed intervals to prevent any potential errors in the processing of personal data.
Our goal is to benefit our clients
Choosing the right and reliable advisor is always a great help in improving yourself. Above all, consulting in the field of law is extremely broad-spectrum and affects almost all areas of the life of entrepreneurs and individuals, therefore the choice of a legal advisor is extremely important. In the law office Hronček & Partners, s. r. o. we pay attention to professionalism and high quality legal services with an individual approach. Our main goal is to provide legal services of the highest quality and to bring innovative and professional solutions for the client so that we become their trusted partner.
More services in the field of data protection and security
GDPR security documentation
€500.00
The price is quoted without VAT and may be increased depending on the scope of work performed and the extent of personal data processing.
Preparation of new customized basic security documentation for the operator, updated in accordance with current legislation and the available decision-making and interpretative practice of the authority (internal regulations for the protection of personal data).
Assessment of the impact on personal data protection
On demand
Processing of documentation for impact assessment (DPIA) within the meaning of Article 35 of the GDPR, which is special documentation that the controller is required to process only if the legal conditions are met (e.g., extensive processing of special categories of personal data, systematic monitoring of public spaces on a large scale, processing of biometric data, etc.).
GAP analysis – GDPR
€1,800.00
The price is quoted without VAT and may be increased depending on the scope of work performed and the extent of personal data processing.
Analysis of personal data processing procedures at the client processing personal data (mapping of purposes, personal data processing, legal bases, security management, information security, physical security and facility security, intermediary contracts, terms and conditions, regime measures, personnel and administrative security), which will be carried out on the basis of a personal consultation. The analysis includes proposals for securing personal data and proposals for necessary measures to be adopted and implemented by the client in order to harmonize the processing of personal data in accordance with the GDPR and the law.
Legal settings for cookies on websites
€200.00
The price is listed without VAT.
Cookie settings on websites in accordance with the amendment to the Electronic Communications Act and the GDPR. We still encounter incorrect technical settings, banner and information bar settings, and information obligations.
Training in the field of personal data protection
On demand
The total price depends on the number of people, the number of training courses, and the number of areas/agendas in which your employees need to be trained.
The training focuses on the legitimacy of personal data processing and personal data security. If interested, we can provide training tailored specifically to a given professional group.
Expert advice on specific personal data processing activities
On demand
The price depends on the scope of personal data processed in your company and the content and specifications of the project.
The issue of personal data protection is not limited to the GDPR and the Personal Data Protection Act. When setting up individual processes and processing activities, it is also necessary to comply with national legislation governing specific areas of activity of individual operators (e.g., crowdfunding, provision of installments and loans, and other sector-specific features in various areas).
Information security
On demand
The price depends on the scope of work performed.
Information security is a solution for securing information systems, information, and access to data. The information security management system is developed with regard to the culture, processes, technologies, and requirements of your company/organization. With this service, you get an information security system that complies with ISO/IEC 27000 standards and protects your business from loss and theft by ensuring the protection of all data, whether yours or your customers'.
Cyber security
On demand
In today's digital age, when most sensitive data is processed online, cybersecurity is an essential part of protecting your business. We offer comprehensive solutions to protect against cyber threats, including cybersecurity gap analysis, analysis of sector and impact criteria (NIS2), design and implementation of security measures, audits and penetration tests, continuous SOC monitoring, Incident Response, employee training, and cybersecurity manager (CISO as a Service) services. We also provide insurance against cyber threats and security services outsourcing (MSSP). Our solutions guarantee compliance with NIS2, GDPR, ISO 27001 and protect your IT infrastructure from attacks, data leaks, and operational outages.
Industrial safety
On demand
The price depends on the level of secrecy and the type of access to classified information.
The subject of the service is the processing of documents in accordance with Act No. 215/2004 Coll. and relevant NBÚ decrees, the purpose of which is to ensure the processing of mandatory documentation that must be submitted to the National Security Authority in order to obtain industrial security clearance for all levels of classification (Restricted to Top Secret). The documentation may include various processing of classified information (familiarization, storage in a protected area, or, together with documentation for technical means, also processing of classified information using technical means).
We also perform security settings for technical equipment (e.g., PCs) according to the recommendations of the National Security Authority – we will set up your technical equipment for certification purposes.
Preparation and submission of security clearance applications
€7,000.00
The price is quoted excluding VAT and may be increased depending on the scope of work performed and the required level of confidentiality. Administrative fees are not included in the price.
As part of the service provided, we can comprehensively secure the entire process for issuing a license to trade in defense industry products in relation to the National Security Authority, through providing an initial consultation for the purpose of presenting the legal requirements for obtaining confirmation, analyzing the compliance of the business plan with the requirements of the relevant legislation, preparing the documentation for the entrepreneur's security project, and preparing and submitting an application for a security clearance by the National Security Authority.
