Contact us

GDPR Compliance Project & Privacy Programme

GDPR Project

We can develop a data protection strategy or review and develop your current general data protection regulation (GDPR) compliance practices starting from your business, values, ambitions and strategy. With experience from a range of industries such as cloud services, health data, data analytics and online marketing, we can present solutions and governance models relevant and implementation ready in your organisation. Regardless if you are the data controller or the data processor, we got you covered.

If interesting, we offer a basic GDPR document package at a fixed price to manage the necessary processes and templates needed for most companies and organisations.

We offer fixed price projects if we can foresee the complexity and scope of the work.

Privacy Programme

We can set up a long term compliance programme that will help your organisation, whether a start-up or a multinational group of companies, face the challenges of data protection and personal information under the GDPR. Clients ask us to review their existing GDPR and compliance organisations to adapt the processes closer to the industry best practice or address a specific vulnerability.

We have GDPR expertise partaking in developing industry practice. The target for our privacy work and our use of the best practice framework is to provide relevant and measurable advice to our clients. We use the concept of privacy maturity based on the AICPA/CICA model and the generally accepted privacy principles.

A privacy programme includes the following basic processes:

  • Managing the personal data inventory and data quality
  • Management and planning (governance framework)
  • Setting up processes for notice and communication (the necessary external and internal notices and policies)
  • Managing the use, retention & disposal of personal information
  • Setting up processes for security &personal data breach preparedness
  • Vendor Management (including handling data processing agreements with suppliers)
  • Determine the legal basis and process of collection of personal data
  • Set-up processes for risk assessments (Data Protection Impact Assessment, Legitimate Interest Assessment, Transfer Impact Assessment ("Schrems II analysis"))
  • How to manage inquiries and enforcement actions from the supervisory authorities

We offer fixed price projects if we can foresee the complexity and scope of the work.

Let's get in touch

No obligations for the first contact; clear costs; confirmation before billing starts and often fixed prices.
Copyright © 2015-2021 All rights reserved Sharp Cookie Advisors AB
cross-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram