Over the last decade, it has been common practice for personal data such as names, tax IDs, IP addresses, IBANs, audio and video records, and much more to be collected, used, stored and transferred by companies for many purposes, ranging from gathering the staff information needed to facilitate internal operations, to customer service, to commercial and marketing activities, and beyond. Most of the time, collection of this data is necessary in
the pursuit of company business. Sometimes, however, companies may be tempted to take advantage of precious personal information, using it in a way that has not been properly disclosed to the data subject. In addition, the ongoing digitalisation of processes (e.g. KYC) within various industries poses a risk of increased likelihood of data breaches involving personal data.

Regulation (EU) 2016/679 (the General Data Protection Regulation, or GDPR), applicable since 25 May 2018, clearly defines the rights and obligations of data subjects, data controllers and data processors, as well as the terms of cross-border transfers of data. It also imposes significant penalties (up to 4% of worldwide turnover, or EUR 20 million).

Our regulatory consulting expertise driven by Arendt Regulatory & Consulting S.A. (ARC) believes that our personal data protection experts can provide added value and support your business.


Table of contents of the brochure:

The challenges of data processing

Don't assume you're home and dry

Your path to GDPR compliance

A la carte services

Who are we?

Contact details


For more information, contact us at DataProtectionARC@arendt.com.

Related Content

Arendt Regulatory & Consulting SA

41A, Avenue JF Kennedy L-2082 Luxembourg infoarc@arendt.com

T (352) 26 09 10 1
F (352) 26 09 10 7750