Back to Services

Data Protection

GDPR and LOPDGDD compliance advisory, privacy policy drafting, data processing agreements, breach response and AEPD liaison.

Who Is This For?

  • Internet and e-commerce companies operating in Europe and processing personal data
  • SMEs requiring GDPR compliance assessment
  • Companies that have received AEPD complaints or penalty notices
  • Companies needing to draft privacy policies and data processing agreements
  • Companies carrying out cross-border data transfers (China-Europe)

What We Cover

GDPR and LOPDGDD compliance assessment
Privacy policy and cookie policy drafting
Data Processing Agreement (DPA) drafting and review
Data breach management and AEPD notification
Data subject rights request procedure design
Cross-border data transfer compliance (SCCs, etc.)
Data Protection Impact Assessment (DPIA)
Internal data protection training
Handling AEPD complaints and regulatory investigations

How It Works

  1. 1

    GDPR and LOPDGDD compliance gap audit

    We map your data processing activities and identify gaps against the GDPR and the Spanish Organic Law on Data Protection (LOPDGDD).

  2. 2

    Compliance framework implementation

    We draft privacy policies, information notices, records of processing activities (RoPA) and data processing agreements (DPA) for all processors.

  3. 3

    Staff training and external DPO services

    We train staff on GDPR obligations and act as your external Data Protection Officer (DPO) for organisations required or wishing to appoint one.

  4. 4

    Incident response and AEPD notification

    We build data breach response protocols and manage mandatory notification to the Spanish Data Protection Authority (AEPD) within the 72-hour deadline.

Frequently Asked Questions