The General Data Protection Regulation (GDPR) entered into force in May 2018 and aims to protect personal data provide a uniform and coherent system for data protection throughout the EU. Among other things, the requirements outlined in the GDPR include requirements of legal basis (e.g. consent) for the processing of personal data and the processing needs to have a specifically stated purpose. Much of the GDPR is similar to the rules that previously existed in the Swedish Personal Data Act.
The party handling personal data must in some cases appoint a Data protection officer. This agent's role is, among other things, to inform and provide support to the organization regarding the processing of personal data and see to it that internal governing documents comply with the GDPR, by for example performing checks. In addition, the Data protection officer must be involved in impact assessments as well as being the contact person for both the Swedish Privacy Protection Agency (IMY) and the registered party.
A data protection officer must be independent in relation to the business. Companies can outsource the task of data protection officer to an external party, which ensures independence.
Our offer
1
Personal data assistant agreement (PUB agreement)
We help you draw up and revise your data processing agreement.
2
Data protection officer (DPO)
We undertake tasks as external Data protection representatives and work according to a specially developed method.
3
Record of Processing Activities
We carry out GAP analyses, and assist in preparations or revisions of your company's record of processing activities.
Contact us
If you would like to be supported in legal issues with regards to privacy and data protection, fill out the form and we will reach out to you!