icons created by Freepik-Flaticon

Regarding the protection of personal data, the primary regulatory references are the EU Regulation 2016/679 (GDPR) and, for Italy, the Privacy Code (Legislative Decree 196/2003 as amended by Legislative Decree 101/2018).

Also to be considered:

Therefore, in summary, we must distinguish two main areas of activity:

  1. consulting;
  2. the role of Data Protection Officer (DPO).

Regarding the consultancy, our Law Firm carries out the professional activities that we indicate below in a synthetic way:

  • training on the subject of personal data protection and privacy;
  • drafting of the documents required by the regulations in force, including:
    • disclosures;
    • appointments to authorized persons;
    • contracts with the data controller;
    • contracts between joint controllers;
    • records of processing activities;
    • standard contractual clauses in case of relationships with third countries;
  • updating of any documents already prepared;
  • support in responding to requests from data subjects, also for the exercise of their rights;
  • support for the drafting of the Data Protection Impact Assessment (DPIA);
  • support for data breaches;
  • advice on specific data protection issues;
  • representation and assistance before the Supervisory Authorities;
  • representation and assistance before Italian and European Courts.

Nicola Fabiano plays the role of Data Protection Officer, according to the provisions of Articles 37 to 39 of the GDPR.