Kancheff, Gicheva, Marnikas & Partners Law Firm combine legal knowledge, IT security expertise and business understanding to provide personal data protection and security services, tailored to the specific business needs of our clients.
Our GDPR services include:
- GDPR Compliance Services & Assessment
- Drafting of organisations’ policies and guidelines – privacy notices, data protection and security policies, data breach notification procedures, consent forms, etc.
- Drafting of Data Processing Agreements and Data Protection Officer Agreements
- Contract & Policy reviews
- Implementation of privacy and security policies
- Outsourced Data Protection Officer (DPO)
- DPO Support
- Data subject access request (DSAR) Support
- Data breach response and incident handling
- Personal Data Audit and in-depth reviews of your personal data landscape
- Consultancy on personal data protection issues
Our team also provide in-house training of all personnel to handle with the personal data processing in compliance with the legal requirements of the GDPR.
Kancheff, Gicheva, Marnikas & Partners Law Firm may be appointed as your organisation’s Data Protection Officer.
We can serve as an independent expert both internally as well as towards customers or the GDPR Supervisory Authorities.
Our DPO services include, but are not limited to, the following:
- Training staff involved in personal data processing
- Conducting audits to ensure GDPR compliance and address potential issues proactively
- Serving as the point of contact between the company and Data Protection Authorities
- Monitoring performance and providing advice on the impact of data protection efforts
- Maintaining comprehensive records of all data processing activities conducted by the company
- Drafting of company’s policies and guidelines – privacy notices, data protection and security policies, data breach notification procedures, incident-response and incident handling policies, consent forms, etc.
- Interfacing with data subjects to inform them about how their data is being used, their rights to have their personal data erased, and what measures the company has put in place to protect their personal data
- Drafting of DSARs’ responses