PRIVACY POLICY - DATA PROTECTION GDPR

We undertake your full compliance with the General Data Protection Regulation (GDPR).

The General Data Protection Regulation applies to all companies that collect and process personal data of subjects who reside in the European Union, i.e. European citizens. It affects every organization and company in Europe that processes personal data of any kind in any way, offers goods or services, or records the behavior of EU data subjects, as well as any company that trades in the territory of the European Union. The Regulation requires companies (regardless of legal form) and organizations that process personal data to re-evaluate their information security management strategy, their information technologies and established procedures, and the orientation and training of their staff, and to implement changes in accordance with the compliance requirements.

We undertake your compliance with the General Data Protection Regulation, providing you with:

1) Consulting services. It is important to understand the requirements of the General Data Protection Regulation and, consequently, the compliance requirements set as a prerequisite for the company to enter and remain in the Greek and European market.

2) A study that analyzes the shortcomings and potential risks that your business will face through non-compliance with the General Data Protection Regulation. We inventory the data flows through your business and record the data collection and data retention procedures that are applied. In particular, the study covers the following processes and activities: a) Data issues, b) Rights of data subjects, c) Information process, d) Data subject consent procedures, e) Risk assessment of IT technologies, f) Information security system, g) Processing of personal data by third parties.

3) Indication and implementation of appropriate technical and organizational measures for your business. We create the right action plan for your business. These measures address Administrative issues (regarding the structure of the company or organization, separation of duties, job rotation, job descriptions), Organizational issues (regarding the management of staff and the general policies implemented by a company), Legal issues (contracts, agreements, lawsuits, business with third parties) and Technical issues (technologies that are used for the protection of information systems).

4) Support services. We fully support your business across the whole range of its activities and over the long term by providing regular consulting, organizational and technical services, newsletters, manuals, continuous training of your staff, and your constant compliance with new technologies according to market demands.

All procedures are coordinated by a new role required under the General Data Protection Regulation: the Data Protection Officer (DPO). Each company must hire a Data Protection Officer (DPO), who has the duty to systematically inform and advise the company and its executives, to monitor its compliance with the General Data Protection Regulation, to monitor developments, to provide advice on valuation and the effects of the data processing, to propose solutions, and to cooperate with the Data Protection Authority on behalf of your company.

Catherine C. Malliari is a certified Data Protection Officer (DPO) with many years of experience in Personal Data Law and Information Security. She can undertake the compliance of your company or organization with the General Data Protection Regulation, proposing the appropriate technical and organizational measures to be implemented by your business and continuously supporting your business in any matter that may arise related to the protection of personal data and to the supervisory Data Protection Authority, which threatens unpaid fines under the Regulation (4% of world turnover) in cases of violation. This is a guarantee of the good implementation of the General Data Protection Regulation and can be a "competitive advantage" in the market compared to other companies.