Data Protection and GDPR compliance
Since the creation of the European Union’s data protection rules and their implementation by Member States, the field of data protection has been receiving increasing attention. Our firm regularly provides legal advice and offers practical solutions in matters related to data protection.
Data protection law is one of the most dynamically developing areas of law. Within the legal framework, economic operators must simultaneously respond to the need to apply ever newer technological advances (e.g. cloud computing, artificial intelligence), while at the same time respecting the individual’s right to informational self-determination. CLVPartners© assists its clients with international-level expertise and the combined knowledge of colleagues present in more than 140 countries in ensuring that complex data processing processes comply with domestic, EU and global expectations, while supporting digital innovation.
Our firm offers practical solutions that take economic realities into account, while respecting the right to informational self-determination. Our experience particularly covers the following areas:
- Domestic compliance of international corporate groups: Adaptation of global data protection policies and processes to the Hungarian legal environment and the practice of the NAIH.
- Data protection dispute resolution and representation: Legal advice and legal representation in connection with data protection incidents, data subject complaints or authority investigations.
- New business processes, “Privacy by Design” planning and audit: Data protection audit and advisory prior to the introduction of new products, services or digital platforms.
- Employee data processing: Development of complex HR data protection systems, including the drafting of information materials, policies and employment contract clauses, monitoring systems, whistleblowing channels and BYOD regulation.
- Contractual frameworks: Precise drafting of data processing agreements, joint controller agreements and data protection clauses of commercial projects.
- Policies: We also deal on a daily basis with the preparation of various procedural rules and detailed privacy notices available on corporate websites.
Data Protection Officer (DPO) service
For many organizations, the GDPR makes it mandatory, while for others appointing an external, independent data protection officer represents a strategic advantage. The experts of our firm provide professional DPO support:
- Information and professional advice: We provide information and professional advice to the Client regarding obligations under the GDPR and other EU or Member State data protection provisions.
- Compliance monitoring: We monitor compliance with the GDPR, the relevant data protection provisions, and the Client’s internal rules, including the assignment of responsibilities, increasing staff awareness and training, as well as related audits.
- Data protection impact assessment: Upon request, we provide professional advice regarding data protection impact assessments and continuously monitor the carrying out of the assessment.
- Cooperation with the authority: We continuously and directly cooperate with the supervisory authority (NAIH) in order to ensure legal compliance.
- Contact point: We serve as an official contact point towards the supervisory authority in matters related to data processing, and conduct consultations in any other arising issues if necessary.
- Enforcement of data subject rights: We facilitate the exercise of the rights of data subjects, investigate their complaints, and initiate the measures necessary for remedy with the Client.
- Policy making: We actively participate in the drafting, review and integration into practical operation of internal data protection and data security policies.
Reference
- Comprehensive data protection compliance of the European and overseas online platforms of an industrial company engaged in global commercial activities, with particular regard to the legal arrangement of cross-border data transfers
- Providing a second opinion on Data Protection law in relation to a risk assessment for a healthcare services company and the alignment of the group's policy with its activities in Hungary
- Drafting of a privacy notice for a webshop operator
- Developing data protection processes and policies for pharmacovigilance in a leading pharmaceutical company
- Data Protection compliance for several automotive supply companies
- General data protection advice and regular data protection audits for many temporary employment agencies
