Data Protection Consultation at KINAST
The EU privacy laws consist of the GDPR and the Electronic Privacy Directive (ePrivacy Directive) which is also known as the “EU cookie law”. The directive came into effect in 2002 and was amended in 2009. As a EU directive it mandates that each EU member state passes their own national laws in correspondence.
ePrivacy Directive currently
Similar to the GDPR the ePrivacy Directive was created to harmonize the national protections of the fundamental rights and freedoms of individuals in the EU, in particular the right to privacy and confidentiality, as well as the free movement of data when using electronic communications.
The directive deals with the regulation of various issues when using electronic devices such as confidentiality of information, access and storage of information on users’ end devices, treatment of traffic data, cookies and spam. Among those other provisions, the ePrivacy Directive also requires websites to obtain consumer’s consent before placing cookies for marketing purposes.
What happens next?
An updated version of the ePrivacy Directive, considering especially new technologies, should have entered into force together with the GDPR in May 2018 and would have been called ePrivacy Regulation, however it is still not published by now.
After various draft versions were released in 2018 and 2019, it has been quiet for a couple of years. If and when a new draft will be published and when the regulation will come into force is currently unknown.
Do you need an External Data Protection Officer?
Five steps to compliance:
Introduction of your company and KINAST as well as the relevant contact persons. Discussion of the current data protection setup and most important data protection topics.
We conduct data protection audit on-site or based on questionnaires to evaluate the current data protection status of your company.
Document the current data protection status and define further required actions if necessary.
We carry out all necessary measures identified during the data protection audit.
Designation as External data protection officer and on-going consultation starting from day 1.
Our three point plan to data protection compliance
To guarantee a timely and cost effective execution of necessary data protection measurements, we’ve developed our own concept based on a three-point plan:
As a first step, we carry out a risk assessment in your company. We carry out the risk assessment either on-site or remotely. Based on the findings, we prepare a report that documents the degree of compliance with data protection standards. Furthermore, the report identifies any vulnerabilities, proposes suitable measures to remedy those vulnerabilities, defines responsibilities and sets a timetable for the implementation of these measures.
In a next step, we implement any measures which we identified within the framework of the risk assessment. Whereby great importance is attached to binding your internal resources as little as possible.
Finally, as an External DPO, we permanently support your company regarding all aspects of data protection. Therefore, we ensure an ongoing compliance with legal standards, the adaptation of procedures to the requirements of new laws and the consideration of current changes in internal processes.
Why choose KINAST Attorneys at Law for international data protection consultation
Do you need guidance with international data protection law?
Data protection law, especially on the international stage, can be a legal minefield. Our experienced lawyers and data protection officers are here to help. KINAST Attorneys at Law are specialised soley in data protection and we’ve been advising international groups and corporations since before GDPR laws came into effect. We guarantee that your company is in the safest hands.
So why not contact us today for a free, no obligation consultation?
Send this page to a colleague?