Derriennic Associates, buoyed by over thirty years of experience, has developed significant involvement and expertise in terms of personal data protection.
It began to focus at a very early stage on the questions and difficulties that the regulatory framework throws up.
Since 2016, the office has been supporting more and more private and public players as they seek to achieve GDPR compliance.
In that context, the office quickly put in place a dedicated “GDPR” team. This team was further expanded in 2018 thanks to the arrival of some new members, including a former jurist with the French National Commission for Data Protection and Liberties or “CNIL”.
Because they also have a solid grounding in the world of business, the office’s lawyers fit in easily with their clients when they are assigned to an in-depth GDPR matter.
The office has nurtured some very strong partnerships with experts in security and IT systems and data analysis, which equips our lawyers to offer clients a full service, marrying legal skills with technical know-how.
The office offers a very diverse palette of services, which can be rolled out at every level in the process of achieving GDPR compliance:
risk and processing mapping,
definition and deployment of governance rules,
creation of internal compliance procedures (exercise of rights, notification of data breaches, etc.),
privacy impact assessment (PIA),
regularisation of service contracts,
management of cross-border traffic,
retention and deletion policy,
The office has equally developed a Data Protection Officer (DPO) service for businesses wishing to outsource this function.
The DPO is the compliance “mastermind” when it comes to protecting personal data within an organisational structure.
Its wide range of tasks includes:
notifying and advising the data controller (or the subcontractor);
checking compliance with the regulation (GDPR) and national law (in France, this is the “Loi Informatique et Libertés” or Data Protection Act) in terms of the protection of personal data;
advising the organisation on the completion of a data protection impact analysis and checking its implementation;
cooperating with the supervisory body (in France, the CNIL) and acting as its point of contact.
The DPO’s remit covers all the processing operations conducted by the body which has appointed it.
The office, which includes a dedicated data protection team, carries out these DPO tasks on behalf of its clients.
This means that depending on the client’s needs, the services offered by the office are very diverse and can be integrated at every level of the process of achieving GDPR compliance.
This cookie is used to store your cookie preferences :
- _moove gdpr pop up .
Web analytics cookies
This website uses Google Analytics for statistical purposes (audience measurement cookies). They make it possible to know how many times a certain page has been consulted. We only use this information to improve the content of our website.
Please find below the cookies used :
– ga : This cookie is used to identify users of the Website via the users’ IP addresses.
– gat : This cookie is used to limit the number of simultaneous requests in order to avoid bugs
– gid : This cookie is used to identify the Website users via their IP address (which are stored 24h)