Services /

GDPR Compliance / GDPR Lawyer / GDPR Attorney

Discussing details

Why do you need to develop documents for GDPR Compliance?

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 1

    To do business in Europe: sell goods and provide services.

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 2

    To collect and process user data from the EU on the Internet. 

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 3

    To conclude contracts with clients and work with partners in the EU.

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 4

    To hire employees from the EU.

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 5

    To connect payment systems.

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 6

    To publish and monetize IT products.

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 7

    To get access to the data of European giants in Fintech, Biotech, Medtech, InsurTech, Real Estate Tech, TravelTech, and provide IT services.

  • Зачем разрабатывать документы для GDPR Compliance - IT юрист STALIROV&CO 8

    To ensure the protection of personal data in organizing work with employees and contractors.

+38 095 830 51 61 info@stalirov.lawyer Kyiv, 3 Kudryashova St.
Ask an IT lawyer a question

Who should implement the GDPR?

  • Companies that have permanent or temporary representative offices in the EU
  • Companies that collect data from EU citizens
  • Companies that cooperate with organizations that have already implemented the GDPR
GDPR Compliance / GDPR Lawyer / GDPR Attorney в IT юрист STALIROV&CO 1

5 reasons for GDPR violation fines 

  • There is processing of personal data without the permission of the owner.
    Bank Innovasjon Norge was fined $95,500 for a non-contractual credit ability check. The bank analyzed financial data without the consent of the owners.
  • No measures have been taken to protect personal data.
    Vodafone España paid a $100,000 fine. The company has taken no steps to avoid calling numbers from a list of customers who have opted out of advertising.
  • The users’ requests to provide or delete data are ignored.
    Google paid a fine of $7,000,000. The corporation has not removed personal information from search results at the request of users.
  • The organization of   Data Protection Officer’s work does not comply with the requirements of GDPR.
    Proximus SA was fined $50,000. The company didn’t have a mechanism to prevent a conflict of interest with Data Protection Officer, who also held other positions (Head of Compliance and Audit).
  • There is informing the regulator about data leakage with delay.
    Twitter paid $450,000 for not reporting the leak on time.  Some private tweets may have been displayed in the public domain.

What documents do IT lawyers develop under the requirements of the GDPR?

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 1

    Data Processing Agreement
    We obtain consent from customers, employees, and partners to process the personal data.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 2

    Security Policy
    We describe what security measures the company has implemented.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 3

    Data Breach Response and Notification Procedure
    We determine the algorithm of actions in case of data leakage and the procedure for informing the regulator.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 4

    Personal Data Storage and Disposal Policy
    We reveal where the information is stored and for how long.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 5

    Access level policy
    We define roles: controller or processor and types of functional duties.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 6

    Instructions for employees on handling personal data
    We explain to employees who is involved in the processing of personal data and the level of their responsibility.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 7

    GDPR Questionnaires
    We undergo initial audits for the level of compliance with GDPR requirements by customers from the EU.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 8

    International transfer policy
    We determine the conditions for transfer of personal information to other countries.

  • Какие документы IT-юристы разрабатывают по требованиям GDPR - IT юрист STALIROV&CO 9

    Privacy Policy and Cookie Policy
    We obtain permissions to collect and store information about the behavior of users of IT products for marketing practices.

Facts

According to a study by the international law firm DLA Piper, from January 26, 2020, to January 27, 2021, GDPR fines increased by 40% and amounted to 158,500,000 USD. Data protection authorities registered 121,165 data breach notifications (19% more than in the previous 12-month period).

In 2020, Google was fined $50,000,000, H&M $35,000,000, and British Airways $22,000,000.

 

 

Cases from IT lawyers

The Stalirov&Co Team adapted the client's software product to GDPR requirements

We were approached by a company that developed a task manager used by  German citizens. Therefore, an IT product must comply with the requirements of the GDPR.

For GDPR compliance IT lawyers:

  • conducted legal audit of the information with which the company works;
  • laid down a roadmap for the processing of personal data;
  • prepared contracts with a team of information processors;
  • developed 11 policies and procedures on privacy and personal data processing requirements;
  • turned to a certified organization in the EU to check for violations.

Who are we, and how do we generate solutions?

  • The Stalirov&Co team designs internal and external documents to comply with GDPR requirements.
  • We conduct primary audits of personal data processing activity in companies.
  • IT lawyers examine Data Processing Agreements that customers send to the company.
  • We help fill out the GDPR-questionnaires from customers from the EU.
  • Our team develops policies and contracts about processes in companies.
  • We perform the functions of a Data Protection Officer.
  • The Stalirov&Co company prepares the company for GDPR certification.
  • Our GDPR attorneys represent IT companies if disputes on personal data processing arise.
GDPR Compliance / GDPR Lawyer / GDPR Attorney в IT юрист STALIROV&CO 3

Latest articles

All articles

Subscriber maintenance for IT companies

A range of IT legal services for outsourcing, outstaffing, and product companies under the Time & Material, Fixed Price system

Get details

Ask more questions

Contact IT lawyer will contact you
to discuss details
Call me back IT lawyer will contact you
to discuss details
Thanks for reaching out!

An IT lawyer will contact you with legal solutions

OK
Thank you for your request!

An IT lawyer will call you back to discuss details

OK
Thank you for your review!

We would love it if you tell your friends and colleagues about us

OK
Thank you for your inquiry!

The IT legal team will contact you with options solutions

OK
Thank you for your inquiry!

An IT lawyer will contact you with a few more questions

OK
Thank you for your interest!

Await advice from IT lawyers

OK
Thank you for your inquiry!

The IT legal team will prepare a solution for you

OK
Thank you for contacting us!

An IT lawyer will analyze your situation and offer a solution

OK