In Italy, the enforcement of the General Data Privacy Regulation (GDPR) since May 25th, 2018, has brought about a profound shift in data protection regulations. The GDPR was implemented in Italy by D.Lgs 101 /2018, which amended the previous Legislative Decree 196/2001 bearing the “Privacy Code”, in force today. At LDP, we understand the importance of GDPR compliance and are here to guide you through the intricacies of this legal framework.
GDPR introduces a new set of rules designed to enhance the protection of individuals’ privacy data, ushering in a new era of data management. It impacts every aspect of your business, from data collection to access and storage. This encompasses data related to clients, suppliers, employees and various other third parties.
Guidance from the Italian Supervisory Authority
To help local companies being compliant to the new GDPR system, the Italian Supervisory Authority (SA) offers valuable guidelines. However, to ensure comprehensive compliance and a seamless transition, legal expertise is often required.
- Legal Assistance: we provide guidance on the application of the new data protection regulations, ensuring that your business operates in full compliance with GDPR.We provide support and assistance in the implementation of general personal data processing systems “GPDS”. We support you in all the necessary stages of the implementation of the system itself i.e.:
- Preliminary assessment
- Identification of gaps
- Privacy risk assessment
- Documentary preparation
- Internal audits
- Updating and continuous improvement.
- Documentation: we offer support in the creation and management of the necessary documentation, ensuring that your data protection practices align with GDPR requirements i.e.:
- Internal privacy regulations
- Handbook on the processing of personal data (PD)
- Privacy operating system on the use of information technology tools
- Data Processing Agreement (DPA)
- Privacy notice for employees, applicants, customers, and suppliers
- Operating procedures for marketing and communication activities
- Assignment letter/authorization on personal data processing.
- Data Retention policy
- Data Breach Policy
- Procedure for handling the exercise of data subjects’ rights
- Privacy organization chart
- Register on the data processing of Data Controller
- Register on the data processing of Data Processor etc.
- Training: our training programs are designed to equip your team with the knowledge and skills needed