Data Protection & GDPR

Data Protection & GDPR

NEW LEGAL FRAMEWORK ON PERSONAL DATA PROTECTION IN BUSINESSES

The new European General Data Protection Regulation (EU 2016/679), also known as GDPR, aims to protect individuals with regards to the processing of their personal data and the free movement of such data.

The Regulation is a stronger and modernized version of the former Data Protection Directive (95/46/EC) and differs to the extent that it has now direct horizontal effect in the Member States, a broader scope and it sets stricter requirements and provides for high fines for infringers.

Which entities does it affect?

The Regulation applies to any corporation and organization that processes (e.g. collects, registers, stores, uses, transmits, deletes etc.) personal data of individuals in the Union. It applies to all public and private entities, from the smallest companies to the largest Groups, with establishments even outside the Union, irrespective of the sector or activity.

When does it come into effect?

The Regulation is in force in all Member States since May 2016. It has just been granted a 2-year transition period until 25 May 2018, when it will be fully applicable, including the high fines.

What are the fines?

Infringements of the Regulation may incur fines of up to € 20,000,000 or, in the case of businesses, up to 4% of the total annual turnover of the previous fiscal year, whichever is higher.

Contact us to find out

– to what extent the Regulation does concern your business;
– what are the personal data and how they should be protected;
– what are the sensitive personal data and how they should be processed;
– what does data processing mean and how it is legally conducted;
– whether your business operates as a Data Controller or a Data (sub-) Processor;
– what are your obligations & liabilities depending on your role;

– what the Regulation provides for the consent of the subject,
– what are the data subjects rights pursuant to the GDPR;
– what measures to take to protect your business against fines;
– whether you need to appoint a Data Protection Officer in your business;
– whether you are required to keep records for processing activities;
– whether you are required to conduct an impact assessment; and
– anything else which concerns your business with regards to the Regulation.

What we can do for you

  • Awareness, Trainings & Advisory Services
  • Compliance Readiness Test
  • Data Mapping & Gap Analysis
  • Guidelines for GDPR Compliance
  • DPO Services
  • Data Breach Policy
  • Data Impact Assessments

Contact Person

Please select the country
  • All
  • Albania
  • Baltic Desk
  • Bosnia and Herzegovina
  • Bulgaria
  • CP- Payroll & Employment Solutions
  • CP- Tax & Transfer Pricing
  • CP-Accounting & Audit
  • Croatia
  • Cyprus
  • Egypt
  • Georgia
  • Greece
  • Iran
  • Montenegro
  • North Macedonia
  • Romania
  • Russia
  • Serbia
  • Ukraine

Nicosia, Cyprus

Maria-Elia-Fotsios

Bucharest, Romania

Stefania-Costea

Stefania Costea

Junior Consultant

Sofia, Bulgaria

Rossitza-Koleva

Rossitza Koleva

Country Manager

Athens, Greece

Maria-Sarantopoulou

Maria Sarantopoulou

Tax and Legal Advisor

Skopje, North Macedonia

mimi

Tbilisi, Georgia

Olga

Olga Nadiezhdina

Executive Administrator

Zagreb, Croatia

Afrodita-

Afrodita Taci

Head of accounting & payroll service line

Tallinn, Estonia

NinaSnizhko_BalticDesk

Nina Snizhko

Representative

Tirana, Albania

Drilona-Likaj

Drilona Likaj

Senior Accountant

Belgrade, Serbia

Natasa-Nedic

Natasa Nedic

Country Executive

Nicosia, Cyprus

Alexandra

Nicosia, Cyprus

Ali-Najm

Ali Najm

Client Relationship Manager Egypt, Iran, Lebanon, Iraq

Podgorica, Montenegro

Bojana-Minic

Bojana Minic

Investment and Immigration Consultant

Banja Luka, Bosnia and Herzegovina

Stevo-Tadic

Stevo Tadic

Senior Accountant