GDPR Consultancy; DPO as-a-Service
Your personal European Certified Data Protection Officer
with a GDPR Compliance software
.png)


Hire your Personal DPO
.png)
Gap analysis
We start your GDPR:
-
what is needed
-
what is already there
-
what is missing
.png)
GDPR set up
We set up:
-
Review and adjust existing working systems
-
Add missing SOP's/ policies
-
Add DPO via SOP/policy and set up tasks and schedule
.png)
Train staff
We train you GDPR:
-
DPO trains staff at least annually on GDPR and internal policies
-
Keep a log of training
-
Update staff if company policies are modified
.png)
Monitor
We monitor your GDPR:
-
you provide us updates and we monitor the internal logs
-
DPO sends a monthly GDPR update report
.png)
Audit
GDRP internal audit
-
DPO should review annually your working systems
-
DPO annually reviews documentation and policies


Personal DPO
.png)
.png)
GDPR Software
.png)
.png)
EU Compliance
Quarto Legal
Your European gdpr headquarters
ALL-IN EUROPEAN CERTIFIED DPO + Software solution
easy to keep your entire compliance up-to-date
Advantages of working with us:
-
Experience with setting up and monitoring GDPR in companies like CRO's, small pharma, biotech, startups, fashion tech, and businesses focused on minors
-
Experience with genomics contracts, risk assessments, data and material transfer agreements, and reporting data breaches.
-
We make it easy for you with direct and personal contact, meetings, monthly reports, and an online service system where you and your data protection staff log in to stay updated on how GDPR is set up in your business.

Become familiar with these European data protection definitions. In practice they make a difference in what is expected from you, others you hire, those who hire you, and which responsibilities each role carries.
GDPR: General Data Protection Regulation
Applies to EU companies and citizens, and international companies processing personal data in/from EU
Applies to EU companies and citizens, and international companies processing personal data in/from EU
Personal data
Any information, coded or not, related to a person, until it's considered anonymous. Ex: name, work email, ..
Data Controller
The person or company deciding the purpose and use for personal data collection.
Data Processor
The person or company acting on behalf / following instructions from the Data Controller
Processing personal data
Any action by anyone (also controller) related to personal data; e.g. access, viewing, erasing, sharing...
Data Protection Authority
The GDPR enforcement office in every EU Member State. Investigates and fines in case of non-compliance.
DPO:
Data Protection Officer
Mandatory for some companies. Point of contact for authorities, provides GDPR guidance on risks, training...
Data Breaches
Any unauthorized processing (access, receiving, viewing, etc.) of personal data. Follow the data breach protocol
Documentation
Have the mandatory documentation in place, keep this updated, and raise awareness among staff.