GDPR (Regulation of the European Parliament and of the Council effective May 25, 2018) introduces a number of changes, the most important of which are a significant expansion of the scope of obligations of personal data controllers and the rights of data subjects, restriction of profiling, changes to consent to data processing, and increased powers of supervisory authorities and penalties for violations.


We also provide the services of a Personal Data Protection Inspector (DPO).


As part of the service of implementing the structure of the provisions of the General Data Protection Regulation at clients, we offer:

  • audit of current data processing safeguards and processes and risk analysis,
  • trainings for management staff at the Administrator’s company,
  • training for employees and associates who process personal data
  • analysis and adaptation of existing documentation governing the processing of personal data in the company to the RODO,
  • analysis and adjustment of existing contracts of entrustment of personal data processing to RODO,
  • ongoing support – including by telephone – in case of doubts arising in the course of daily work and personal data processing, e.g. in case of a personal data breach,
  • legal support for the Data Protection Inspector,
  • control audits.


What does the RODO audit consist of?

The IURICO Law Firm’s offer of the Personal Data Protection Regulation also includes a comprehensive RODO audit, which is the process of verifying the compliance of internal procedures with EU requirements. As part of the audit activities, we make a full inventory of the implemented methods of personal data processing. We undertake the analysis of the collected RODO documentation with a view to its compliance with the provisions of Community law. The RODO audit conducted by the specialists of the IURICO Law Firm focuses on the evaluation of the archived data in question, as well as on the control of access to the protected information. An integral part of the audit also remains the verification of reactive procedures in operation, aimed at quickly resolving potential irregularities in the company. A RODO audit performed by an experienced third party helps identify areas for improvement that often remain hidden from the awareness of executives. The juxtaposition of the current interpretation of the law with the actual state of affairs very often brings surprising conclusions, protecting the company from severe financial consequences. The processing of sensitive personal data is still out of control for many business owners, who need legal support in setting up the right organizational structure and procedures for customer data documentation.

During an internal RODO audit, IURICO Law Firm experts verify the personal data protection system from technical, organizational and legal aspects. The results of a well-conducted RODO audit provide valuable information to executives, who gain clear guidance on the direction of necessary changes

Read more

What is a RODO risk analysis?

A data protection system audit consists of several components, and the RODO risk analysis is the foundation for the efficiency of the entire process. Risk factors lived to see their definition in Directive 2016/680 of the European Parliament and of the Council (EU) of April 27, 2016 on the protection of individuals with regard to the processing of personal data. These include material damage, defamation, damage to reputation, identity theft or discrimination, among others. It is worth noting that the RODO risk analysis focuses only on risks to individuals, excluding criminal consequences for the personal data controller found to have violated the RODO principles. The analytical activity uses a widely recognized risk matrix to help transparently identify the key components of a threat. The analytical table used by IURICO Law Firm experts divides risks into critical, unacceptable, conditionally acceptable, acceptable and negligible, juxtaposing them with a five-point scale of probability of occurrence. Determining the error-prone areas thus becomes much easier, and prioritizing activities allows focusing on solving pressing problems with the greatest formal consequences.

The RODO risk analysis provides the basis for implementing effective and measurable security measures, helping to reduce the risk of adverse situations. Conducting a RODO audit supported by a comprehensive risk analysis lays the foundation for an effective data protection system, free from legal and operational flaws. At IURICO Law Firm, we support the development of a RODO environment that complies with EU requirements and conditions the secure operation of the company.