GDPR – EGNA Law Firm – NAVRIDIS & ASSOCIATES is ready. Are you?
In 2016, the EU adopted the General Data Protection Regulation (GDPR), one of its greatest achievements in the area of personal data protection which has been a long term priority for several years. Since a lengthy adjustment period was deemed necessary to accommodate time consuming procedures compliance, EU granted a fairly long adjustment period for the member States and ensured the wide publicity of the approved Regulation. However, just a few days before the regulation’s implementation date of the 25th May 2018 many Member States and even more individual companies are not ready to meet the Regulation’s requirements, which is mainly due to the absence of sufficient information.
To understand the multitude of businesses required complying with the new Regulation, you only need to refer to the definition of personal data provided in the GDPR, where personal data is defined as any information which allows directly or indirectly to establish a person’s identity. This broad definition in conjunction with the latest technological trends, which ensure and incorporate in our everyday lives the collection of personal data, as well as, the territorial scope of the new Regulation, which includes not only the EU but any country depending on the controller’s or processor’s place of establishment, illustrates the scope of the new Regulation.
Moreover, the tightening of the imposed by the Regulation fines, which reach up to 4% of a company’s annual global turnover creates a legitimate business concern, which often result in arbitrary conclusions regarding the appropriate steps they must follow in order to comply with the Regulation. The main problem, however, is that it is not clear to businessmen that the whole process requires mapping of needs and cooperation of specialized scientists, mainly from the legal and IT fields. Since only specialized scientists are able to distinguish concepts, to realize the extent of the rights described in the Regulation, to recognize individually for any business the necessity of the designation of the Data Protection Officer and to determine and implement compliance procedures taking into account that the Regulation gives priority to the subject of personal data in anticipation of the necessity of consent, the right of information and access, correction, deletion, editing restriction, dissent, but also right to data portability.
EGNA LAW FIRM responding to the request of its clients to cover their new needs in view of the entry into force of the Regulation, has already gone into stuffing with legal experts and the collaboration with leading information technology and personal data security experts and we are ready to undertake consultancy services regarding GDPR and the implementation of proposed solutions and processes, which allow our clients to understand initially their obligations and to comply with the requirements of the new demanding Regulation. At our headquarters in Athens, as well as to our subsidiaries in the Balkans (Bucharest, Tirana, Sofia and Skopje) our partners develop and are already working on projects on behalf of companies of any size placing our law firm once more among the leading and innovating international law firms.
