The protection of personal data has become a key concern for companies. Regulation (EU) 2016/679 (the General Data Protection Regulation or GDPR), which came into force on 25 May 2018, now provides greater clarity on the rights of data subjects, data controllers and data processors, as well as cross-border data processing.

Our regulatory consulting expertise driven by Arendt Regulatory & Consulting S.A. (ARC) includes personal data protection experts who provide added value for your business in its GDPR compliance. Our deep understanding of the whole data protection sector is reflected in our comprehensive range of compliance services:

• Review of your register of processing activities: we conduct an inventory of your organisation’s service providers and personal data processing, based on existing documentation and information gathered during working sessions, potentially with the support of dedicated software to organise your action plan.
• GDPR compliance plan: we support you in gaining a clear understanding of all personal data processing taking place in your organisation. We assess your compliance status, highlight any shortcomings with respect to GDPR requirements and establish a strategic plan to put your company on the right path to compliance.
• Documentation and contracts: our lawyers at Arendt & Medernach draw up the contracts while Arendt regulatory & Consulting draft personal data notices and procedures, perform personal data impact assessments, and make updates to service agreements and data processing agreements. For transfers to third countries, we also assist with the transfer impact assessment required before applying standard contractual clauses.
• Staff training: do you know how best to spread GDPR compliance awareness at your business? We provide GDPR awareness training to those among your staff who are involved in processing, or who have constant or periodic access to personal data.
• Data Protection Officer (DPO) mandate: we can serve as your external DPO, actively monitoring your organisation’s compliance, informing and advising on the latest GDPR takeaways and guidelines, and helping your internal governance to review data protection documentation.

If you are a management company, investment fund, bank, insurance company, other professional of the financial sector or commercial/industrial company, our regulatory consulting expertise can help you close any gaps between your operations and GDPR rules.

For more information, contact us at DataProtectionARC@arendt.com.