Contact
× Close

Legal support

Capital market law
Competition law
Compliance
Corporate law
Court and administrative proceedings
Criminal law
Debt collection
E – commerce
Energy law
Environment protection
IT and new technologies
Intellectual property protection
Labor law
Local government administration services
Mergers and acquisitions
Personal data protection and cybersecurity
Public aid
Public procurement
Real estate and construction projects
Restructuring and bankruptcy proceedings
Succession planning

Tax consultancy

Estonian CIT
Income taxes
Independent Tax Compliance Audit (NAFP) and tax compliance audit
Indirect taxes (VAT, customs, excise)
International taxation
Minimum tax
Preferential tax reliefs
Real estate tax
Reporting of tax schemes
Tax planning
Tax proceedings
Tax residency
Transfer pricing

Audits

Audit of anti-mobbing procedures
Audit of contracts from the perspective of competition law
Audit of intellectual property
Audit of labor law documentation
Audit of overdue receivables
Audit of personal data protection system
Audit of real estate
Audit of transfer pricing obligations
Collaterals for receivables in contracts
Comprehensive corporate audit
Comprehensive tax audit of the company
Due diligence
Estonian CIT
Relationships within groups of entities
Reorganization of business activity carried out
Tax schemes (MDR)
Withholding tax (WHT)

Training

Collaterals for commercial contracts
Collective redundancies and individual dismissals – practical aspects
Contract templates in transactions between entrepreneurs
Current obligations in terms of transfer pricing
Employment relationship: establishment, change and termination. Necessary documentation and practical issues
Family Foundation
Forms of business activity
Holding law
Liability of the management board members for the company’s obligations
Management of confidential information in a public company
Personal data protection in the company
Protection of whistleblowers – obligations, implementation of provisions in the organization
Public procurement in practice: selected issues
Remote working and control of employee sobriety
Risk management in terms of competition protection law
Selected mobbing issues
Selected tax reporting obligations and procedures
Strategy for protecting intellectual property rights in the company
Tax reliefs and preference for entrepreneurs
Tax scheme reporting
VAT domestic and international transactions
Withholding tax in practice

Succession consulting

Succession consulting
Succession consulting
  1. Main
  2. Audits
  3. Audit of personal data protection system

Audit of personal data protection system

Get back to Audits

Contact

Damian Chudzik
more

Damian Chudzik

junior partner, attorney-at-law

Scope of the audit

  • Determination of a functioning model of the personal data protection system
  • Identification and assessment of personal data processing
  • Inspection of individual departments in terms of personal data protection
  • Verification of the existing documentation on personal data protection in terms of its compliance with the provisions on personal data protection
  • Identification of data transfer processes/examination of the necessity to conclude the personal data entrustment agreements
  • Establishment of the controller – processor relationship within the identified data processing
  • Verification of the legal basis for data processing
  • Verification of the correctness of consent clauses of data subjects to the personal data processing
  • Verification of the information obligation fulfillment
  • Verification of the exercise of the rights of data subjects/existence of the procedure
  • Verification of the register of processing activities and processing activity categories
  • Verification of the correctness, purpose, adequacy, time-limited personal data processing
  • Verification of personal data processing based on entrustment agreements
  • Verification of the rights to data processing (authorizations for employees)
  • Verification of the risk management procedure
  • Establishment of the obligation to assess the effects of processing
  • Verification of physical, technical and IT safeguards
  • Development/update of personal data processing documentation