Data Protection

Data Protection, how to comply with the new regulation coming into force in 2018

The issue of Data Protection is no longer to be intended as the mere right to discretion, but rather as the right to the use and to the protection of the personal data, which has become crucial in the modern society, more and more connected and likely to result in a risk of interferences with the private life of individuals, because of the increasing diffusion of Internet and E-Commerce, which have transformed the mere personal data into an information useful to generate profit. Therefore, the lawful use of the personal data, the related protection with the adoption of adequate IT safety measures, as well as the compliance with the national and European laws, currently represent priorities of the utmost importance for any economic operator.

The importance of data protection is also reflected in the various regulations which, over the years, have been adopted in order to control the unlawful intrusions or the abusive use of the personal data, by the introduction of increasingly stringent obligations for the companies, right up to the recent adoption of the European Regulation 2016/679 on data protection which has aligned the regulations of all the Member States of the European Union in the area of data protection.

2018 Privacy Regulation

Dike Schindhelm supports the companies which, at the latest by May 25th, 2018, have to comply with the innovations introduced by the European Regulation on data protection.

Although May 2018 might appear still quite far, it is mandatory for every company to initiate immediately, with the help of experts, an accurate organisational analysis of its own personal data processing methods, in order to plan in time the necessary changes required to comply with the new European Regulation.

The severe sanctions provided for by the Regulation actually require all the economic operators to comply.

Dike Schindhelm experience in the area of data protection

Dike Schindhelm has already advised an important national institution in the process to adapt the internal data processing procedures to the new standards imposed by the regulation and, also following said experience, has decided to create a specific desk for data protection matters, dedicated to companies.

The advisory activity – specific or on a continuous basis – carried out by Dike Schindhelm in the area of data protection and IT matters, regards any possible aspect in connection with compliance with the laws on personal data protections.

The focus areas of our range of consulting services are

Our lawyers provide their assistance in the following areas:

  • Compliance in general;
  • appointment of a EU representative;
  • Carrying out audits whether the client’s procedures are in compliance with applicable regulations, drafting of legal opinions and representation of the client in court in judicial procedures;
  • Assistance in drafting the documentation (also for websites) required by the Italian Privacy Code (e.g.: written information for the persons affected by data processing, collection of declarations of consent if required, nomination of the Data Controllers and/or Processor, documents regarding the "privacy policy" for websites, nomination of the representative in Italy of Data Controllers residing outside the EU, etc.);
  • Assistance and advice in connection with proceedings brought forward by the Italian Data Protection Authority;
  • Assistance and advice in connection with administrative and judicial proceedings;
  • Assistance and advice for drafting and revising the contracts connected to personal data processing;
  • Assumption of the role of Data Protection Officer in outsourcing;
  • Risk assessment on the basis of the nature of the data, the processing methods and the measures adopted, including those in the area of cyber security;
  • Assessment of the Impact/risk for the protection of personal data of new projects, products, services, business models;
  • Assistance and advice regarding the compliance of the websites with the regulations about the so called “cookies”;
  • Assistance in order to ensure that the processing of personal data carried out by the client complies with the general provisions adopted by the Italian Data Protection Authority or with the codes of ethics and of good practices adopted in order to regulate specific types of data processing;
  • Assistance and advice in case of a data breach.