Services /

GDPR Compliance / GDPR Lawyer / GDPR Attorney

Discussing details

Why do you need to develop documents for GDPR Compliance?

To do business in Europe: sell goods and provide services.
To collect and process user data from the EU on the Internet.
To be a party to contracts with clients and work with partners in the EU.
To hire employees from the EU.
To connect payment systems.
To publish and monetize IT products.
To get access to the data of European giants in Fintech, Biotech, Medtech, InsurTech, Real Estate Tech, TravelTech, and provide IT services.
To ensure compliance with the GDPR regulation and protect personal data in organizing work with employees and independent contractors.

info@stalirov.lawyer 100 Overlook Center, 2nd floor, Princeton, New Jersey, 08540, USA

Ask an IT lawyer a question

Who should implement the GDPR?

Companies that have permanent or temporary representative offices in the EU
Companies that collect data from EU citizens
Companies that cooperate with organizations that have already implemented the GDPR

GDPR Compliance / GDPR Lawyer / GDPR Attorney в IT юрист STALIROV&CO 1

5 reasons for GDPR violation fines

There is processing of personal data without the permission of the owner.
Bank Innovasjon Norge was fined $95,500 for a non-contractual credit ability check. The bank analyzed financial data without the consent of the owners.
No measures have been taken to protect personal data.
Vodafone España paid a $100,000 fine. The company has taken no steps to avoid calling numbers from a list of customers who have opted out of advertising.
The users’ requests to provide or delete data are ignored.
Google paid a fine of $7,000,000. The corporation has not removed personal information from search results at the request of users.
The organization of Data Protection Officer’s work does not comply with the requirements of GDPR.
Proximus SA was fined $50,000. The company didn’t have a mechanism to prevent a conflict of interest with the Data Protection Officer, who held other positions within the company (Head of Compliance and Audit).
There is informing the regulator about data leakage.
Twitter paid $450,000 for not reporting the leak on time. Some private tweets may have been displayed in the public domain.

What documents do Stalirov&Co data protection lawyers develop under the requirements of the GDPR?

Data Processing Agreement
We obtain consent from customers, employees, and partners to process the personal data.
Security Policy
We describe what security measures the company has implemented.
Data Breach Response and Notification Procedure
We determine the algorithm of actions in case of data leakage and the procedure for informing the regulator.
Personal Data Storage and Disposal Policy
We reveal where the information is stored and for how long before disposal.
Access level policy
We define roles of controller or processor and types of functional duties.
Instructions for employees on handling personal data
We explain to employees who is involved in the processing of personal data and the level of their responsibility.
GDPR Questionnaires
We undergo initial audits for the level of compliance with GDPR requirements by customers from the EU.
International transfer policy
We determine the conditions for transfer of personal information to other countries.
Privacy Policy and Cookie Policy
We obtain permissions to collect and store information about the behavior of users of IT products for marketing practices.

Case from IT lawyers

The Stalirov&Co Team adapted the client's software product to GDPR requirements

We were approached by a company that developed a task manager used by German citizens. Therefore, an IT product must comply with the requirements of the GDPR.

For IT product GDPR compliance Stalirov&Co lawyers:

conducted legal audit of the information with which the company works;
laid down a roadmap for the processing of personal data;
prepared contracts with a team of information processors;
developed 11 policies and procedures on privacy and personal data processing requirements;
turned to a certified organization in the EU to check for violations.

Our cases

All cases

ConvertADV WEB studios and DIGITAL agencies

Subscriber maintenance for an AdTech сompany

The Stalirov&Co team structured ConvertADV’s business in Cyprus, built a legal framework for international operations, and ensured compliance for platform growth

Intellabridge Software products and startups

Subscriber maintenance for a public fintech company

The Stalirov&Co team prepared legal opinions on a crypto company working in Germany, the UAE, Canada, and the USA. We created a Privacy Policy and Terms of Use for the crypto platform.

Artkai Outsourcing and outstaffing companies

Subscriber maintenance of a software development agency

The Stalirov&Co team structured business in the UK and Ukraine, and optimized the tax burden. We developed contracts with customers and the team, and a corporate agreement between founders

Insurancehunter Software products and startups

We fulfilled CCPA and GDPR requirements for the platform where insurance companies' products are promoted

Sneakerstudio E-commerce

The Stalirov&Co team fulfilled legal requirements to connect payment systems for the Polish online store

IT Lawyers draw up the Privacy Policy and the Terms of Use to connect DotPay and PayPal.

The Stalirov&Co team designs internal and external documents to comply with GDPR requirements.
We conduct primary audits of personal data processing activity in companies.
IT lawyers examine Data Processing Agreements that customers send to the company.
We help fill out the GDPR-questionnaires from customers from the EU.
Our team develops policies and contracts about processes in companies.
We perform the functions of a Data Protection Officer.
The Stalirov&Co company prepares the company for GDPR certification.
Our GDPR attorneys represent IT companies if disputes on personal data processing arise.

Conduct a GDPR audit