The protection of personal data has become a growing concern for companies. Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”), which came into force on 25 May 2018, is now providing greater clarity on the rights of data subjects, data controllers and data processors as well as cross-border implementation.

This is where our regulatory consulting expertise driven by Arendt Regulatory & Consulting S.A. (ARC) believes that our personal data protection experts can provide added value for your business. We can assist you with the following:

  • Staff training: do you have the knowledge required to raise awareness within your business? We provide GDPR awareness training to your staff involved in processing operations as well as to personnel with permanent or regular access to personal data.

  • Electronic register: we conduct an inventory of your organisation’s service providers and personal data processing on the basis of the information gathered during working sessions, potentially with the support of dedicated software to organise your action plan.

  • Compliance “Score Card”: we provide you with:
    • a scoping exercise to assess your compliance status and to identify potential issues;
    • depending on your status, an analysis in the light of the GDPR requirements of the identified data processes and data processors selected, which will highlight potential gaps.

  • Risk mitigation measures: we provide you with a list of recommendations and actions to be taken to achieve compliance with the new GDPR project together with the management of relevant stakeholders involved in the technical remediation.

  • Documentation review: in collaboration with our lawyers at Arendt & Medernach, we assist you with the drafting of personal data procedures, personal data impact assessments (“DPIA”), updates to service agreements and data processing agreements.

  • Mandate of Data Protection officer (“DPO”): do you wish to appoint a DPO to coordinate the proper implementation of the GDPR, but you would prefer not to recruit? We can take on such DPO mandate, and provide you with the benefit of our full independence, technical knowledge and a close relationship with the Luxembourg control authorities.

If you are a management company, investment fund, bank or insurance company, our Regulatory Consulting expertise can help you to assess your current level of compliance with the data protection regulation and support you in filling the identified gaps with GDPR provisions.

Related Content

AIFM Law
Asset Manager - Advi...
Alternative investment funds
Asset Manager - Advi...
Anti-money laundering
Asset Manager - Advi...
Brexit
Asset Manager - Advi...
Personal Data Protection - GDPR
Asset Manager - Advi...
MiFID II
Asset Manager - Advi...
PRIIPs - PRIIPs KID
Management company -...

Arendt Regulatory & Consulting SA

41A, Avenue JF Kennedy L-2082 Luxembourg infoarc@arendt.com

T (352) 26 09 10 1
F (352) 26 09 10 7750

enhance
your
experience
unfortunately, you can not personnalize your browsing on this page

Would you like to configure your browsing experience at arendt.com?

Let us know your profile and favourite topics

You are

Banking and Financial Services

Fund Industry

Private Clients
Private Sector

Public Sector