Data Privacy & Compliance

The EU has led the global efforts in protecting personal data by imposing strict regulations on entities that process personal data, reaching beyond the borders of the EU. In response, other regions in the world such as the United States and Brazil have followed suit by enacting their own general data protection laws. Similarly, other countries around the world may already have data protection laws that predate this new trend.

Our law firm is experienced in advising businesses and individuals on how to navigate these different data privacy regulations around the globe. We are able to provide expert solutions that are tailored to our client’s practices, and help them design their infrastructure to have data privacy by design and default.  

EU – GDPR & Data Protection Officer

The new European Regulation called General Data Protection Regulation (GDPR) introduced a revolutionary change to data protection in the European Union and beyond. The final version of GDPR was published in the Official Journal of the European Union on 27 April 2016 under number 2016/679, coming into effect on 25 May 2018. Fines for GDPR non-compliance can be up to 4% of total annual income, or 20 million euros.

Our law firm is a leader on GDPR compliance.  Among our various methods of ensuring compliance, we conduct conferences where our experts share their practical experience gained through their roles as Data Protection Officers. We also train institutional Data Protection Officers. Our opinions and practical guidance are regularly published in magazines and periodicals specific to GDPR.  In addition, we regularly cooperate with the Office for Personal Data Protection and professional publishing houses.

We have successfully advised on and implemented GDPR compliance for private and public entities, especially schools and educational institutions, travel agencies, online retailers; developers, operators of internet applications, and the automotive industry.

In addition, we provide the services of a Data Protection Officer for public entities such as municipalities and schools, and for private entities such as travel agencies and health care providers. At the moment we are acting as the Data Protection Officer for more than 30 entities.

Global Perspective –

Though our cumulative experience in GDPR compliance, we can provide practical insights into the various privacy regulations around the world. Most notably, we can provide guidance for compliance with:

- The California Consumer Privacy Act (CCPA),
- The Colorado Consumer Data Privacy Act (CDPA), and
- Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD).

Because these regulations were drafted after the GDPR, they borrow heavily from its principles. We can provide expert insight on how to tailor your practices to be compliant with these regulations, through our attorneys licensed in the EU and the U.S.

In order to provide you with a global solution, we also take advantage of our extensive global network of client driven law firms and technical experts, with whom we share our knowledge and experience.

Specialists in this area are:
Štěpán Holub
Alice Kubů Frýbová

Are you interested in this area? Contact us!