Skip to main content

Our Data Protection services

We offer the services of an experienced data protection lawyer for all your data protection needs. You can find examples of the services we offer on this page, but we are also happy to assist in other data protection -related questions. Don’t hesitate to ask for a quote!

Data Protection Impact Assessment

A Data Protection Impact Assessment (DPIA) helps you identify, evaluate and control the risks related to the processing of personal data. An impact assessment is both a statutory obligation as well as a useful tool for data management. We offer the services of an experienced data protection lawyer for all the phases of carrying out an impact assessment.

  • An evaluation on the necessity of an impact assessment
  • Conducting a Data Protection Impact Assessment
  • Drafting a prior consultation request for the Data Protection Ombudsman
  • Materials for the co-operation procedure

#DPIA #dataprotectionimpactassessment #impactassessment #priorconsultation #co-operationprocedure

Privacy Policies

Privacy policies are meant to act as documentation on the processing of the organization’s personal data stores, as well as communicate to clients, employees and partners how their personal data is processed. We offer our years of experience to help you draft the contents and implement the necessary updates to all kinds of privacy policies, cookie banners and data protection briefings.

  • Record of processing activities
  • Privacy policy/register description
  • Providing information on the processing of personal data
  • Cookie banners

#registerdecription #privacypolicy #cookiebanner #dataprotectiondocumentation

Data Protection Agreements

Whether you are buying or selling, you must agree on the processing of personal data in writing. We offer the help of an experienced data protection lawyer for all the situations where you need to agree on data protection.

  • Checking the data protection terms and conditions of agreements
  • Drafting or amending the data protection terms and conditions

#DPA #dataprotectiontermsandconditions #dataprotectionagreement

Data Protection Training

Do your organization’s data protection skills need updating or improving? We offer an experienced instructor and a training that is tailored to fit your needs.

#dataprotectiontraining #dataprotectionorientation

FAQ

What is a Data Protection Impact Assessment or DPIA?

A Data Protection Impact Assessment (DPIA) helps you identify, evaluate and control the risks related to the processing of personal data.

When should you do a Data Protection Impact Assessment?

An impact assessment is mandatory when the planned processing is likely to result in a high risk to the rights and freedoms of individuals. However, an impact assessment is a useful tool for all kinds of planning and evaluation related to the processing of personal data. An impact assessment must be conducted before starting to process personal data. I.e. before introducing a new system, or before test use if the system is tested with real personal data.

What is a prior consultation?

When high data protection risks are identified that you cannot adequately control on your own, you are legally obliged to consult the Data Protection Ombudsman, i.e. the data protection authority, before starting to process personal data.

When should you make a data protection agreement?

Always when processing personal data for another party. In practice, you must almost always make a data protection agreement when you are selling or buying a service or a system.

What is a record of processing activities?

A record of processing activities is a document required by law that attests to the processing of personal data in the organization. The record is for internal use in the organization as well as for official inspections, and it also includes information on your cyber security measures.

Contact us

Anna Lonka
Data Protection Lawyer, LLM, CIPP/E
+358 45 783 730 40
info@molemmat.fi