Compliance, GDPR, Data Act

GDPR LAWYER, PERSONAL DATA AND OUTSOURCED DPO SERVICES

Shubert Collin advises you to ensure compliance for your company, public body or institution.


Advice services for compliance with RGPD regulations.

  1. The firm is involved at every stage of the compliance process:
  2. Examination of the current situation with regards to the implementation of the GDPR (General Data Protection Regulation n°2016/679),
  3. Updating your processing registers, drafting your impact studies (AIPD), personal data retention periods, their minimization, managing cookies on your websites,
  4. Carrying out audits on the application of applicable rules,
  5. Participate in updating risk mapping,
  6. Drafting appropriate procedures and processes with your teams.


The firm proposes to structure:

  1. Mapping of processes and risks, 
  2. Formalizing contracts, 
  3. Transferring data outside the EU, 
  4. Organization of governance, teams and relays around the DPO,
  5. Legitimacy of purposes,
  6. Updating processing registers and impact studies.


In the event of litigation, the firm advises and supports you during a potential inspection by the CNIL or any other supervisory authority (ICO) and with a view to limiting risks and any potential penalties.


With a 360-degree view of compliance with the GDPR and data governance, Shubert Collin works in parallel on other areas of compliance, including regulations applicable to Politically Exposed Persons (PEP), health data ethics, whistleblowers.


The practice aims to offer advice on the progressive implementation of the two pillars of digital regulation: Digital Services Act (DSA) and Digital Markets Act (DMA), NIS 2.1.


Hybrid outsourced DPO missions

Shubert Collin performs Data Protection Officer and Group DPO outsourcing missions, at your company or remotely, for a period off 2 to 5 days every week.


The firm provides for your company's support/product and country functions:

  1. RGPD monitoring and control,
  2. Processing compliance,
  3. Maintaining registers of data controllers, subcontractors and security incidents,
  4. Drafting impact studies (AIPD),
  5. Implementing the procedure for requests for access and complaints made to the CNIL or the data controller,
  6. Preparation of control and audit procedures, support in implementing the report for the audit committee.


Training courses

We organize a variety 4-hour training courses that cover the application of the GDPR:

  1. GDPR awareness and implementation to improve the value of personal data processing,
  2. Setting up the constituent elements of GDPR compliance and the procedures applicable to people's rights,
  3. Completing the registers of data controllers, subcontractors and security incidents,
  4. Drafting of Privacy Impact Assessment (PIA),
  5. Monitoring retention periods, purposes and data minimization,
  6. Formalization of contractual obligations and code of ethics.
  7. Drafting of data transfers outside Europe, Standard Contractual Clauses (SCC), Binding Corporate Rules (BCR),
  8. Updating your website, rules applicable to cookies, general conditions and terms of use.
  9. Our range of services is designed to meet your requirements.


For further information, please contact us: cghenassia@shubertcollin.com


Team

Christophe Ghénassia