Nowadays, every company is inevitably involved in the processing of personal data, so the role of data protection in the day-to-day running of companies will only increase. Modern organization of data processing issues will certainly boost and improve business.
The drill. team has gained significant experience in implementing data protection requirements in the operation of companies. We ensure that data processing and relevant documents used by our clients comply with data protection requirements and are adequate.
Our clients come from a wide variety of industries, therefore we are able to combine data protection knowledge with industry-specific knowledge. Understanding how a particular business operates is extremely important when conducting a data audit. We have performed data audits for companies operating in a wide range of industries, including cosmetics, over-the-counter and online sales, leasing services, production of alcoholic beverages, crowdfunding services, operation of shopping centres, online casino and betting services.
We offer initial personal data processing audits to companies in various industries. As part of the audit, we assess the adequacy of the data processing performed by the company (as a data controller) and other stakeholders (data processors), as well as develop proposals for improvement and an action plan for their implementation. We encourage clients to make an initial data protection assessment as a first step to ensure proper compliance with data protection requirements.
The General Data Protection Regulation stipulates that the data controller has to ensure adequate data protection. The adequacy of data protection is determined by the size of the company, the data processing activities and the type of personal data to be processed. Therefore, when planning data protection measures in a company, it is important to attract knowledgeable data protection experts.
Our experts pay special attention to the unique features of the client’s company in order to develop the most suitable data protection solutions. With the involvement of our data protection specialists, clients can be sure that the processing of their personal data is appropriate for their size and other relevant criteria.
In-house data protection officers (DPOs) may need legal support, especially in the early stages of implementing data protection measures. We are happy to support both our clients’ in-house data protection officers and offer DPO services in special cases. Our Data Protection practice team includes a certified data protection officer.
Businesses need to ensure that their employees who process personal data on a day-to-day basis are properly informed and knowledgeable about the processing of personal data. Regular data protection training is one way to ensure this. Employees are the ‘first line of defence’ against data security incidents that could jeopardize the company’s financial interests and reputation, therefore employee training is an integral part of the company’s operations.
We also offer to conduct both face-to-face and online seminars on various data protection issues.
Mogo is one of the largest and fastest growing car financing companies in Europe, which started its operations in Latvia and currently operates in 17 countries. Personal data of customers is of utmost importance in Mogo’s operations, so the correct implementation of the GDPR requirements was of particular importance for the company’s further development.
Given the considerable experience of our team in consumer lending and data processing, our Data Protection team was asked to implement practical rather than formal measures aimed at enforcement of the GDPR requirements tailored to the client’s business, including evaluation of data audit results, providing data processing and protection advice, as well as to develop internal documents related to data protection. The documents we developed were implemented at the level of the Mogo Group, which covered 17 countries in Europe and beyond.