Within the area of data protection law, our firm undertakes data protection due diligence to ensure legal compliance with the GDPR requirements, identifying the legal risks at the given client. As part of the data protection due diligence, we conduct interviews with our clients' senior executives and responsible employees in the areas of data protection to understand their data management practices, and review and assess the client's privacy notices, policies and contracts containing relevant data protection provisions.
At the end of the data protection due diligence, we also usually prepare a summary report on the legal risks identified and the steps to be taken to ensure legal compliance with the GDPR requirements.
After aligning on the summary report with our client, we will work with our clients and their IT managers, as required, to implement the necessary steps to achieve legal compliance with the GDPR requirements, including the preparation and revision of the necessary contracts, notices and policies.
If the need arises, we will then monitor changes in data protection legislation, provide information on recent reports, position papers and official practice on data protection issues relevant to our client, and, if necessary, revise the necessary contracts, information notices and policies, and contracts containing provisions relevant to data protection.