GDPR & Data Privacy Compliance 


Audit and Project Management

  • Assessment of compliance gaps with regard to the GDPR and applicable data protection rules
  • Recommendations for remediation actions: legal, security and organizational measures
  • Definition of the action plan
  • Implementation of the GDPR project: project management, definition of governance

Policy and Procedures‚Äč

  • Drafting and deployment of policies and procedures
  • Implementation of processes (management of requests to exercise rights, data breaches, Privacy by Design, management of an audit…)

Register of treatments

  • Realization and update of personal data processing registers
  • Register completion
  • Verification of information (legal basis, retention periods…)
  • Feeding of the customer’s registry software tool where applicable

Subcontractor audits

  • Verification of contractual data protection clauses
  • Verification of the conformity of processing carried out by subcontractors
  • Verification of subcontractor security guarantees

Data transfer and TIA

  • Mapping of personal data transfers to a third country
  • Realization of ” Transfer Impact Assessment “
  • Determination of additional measures


  • Conducting Data Protection Impact Assessments (DPIA): legal and security analysis
  • Recommendations and action plan

Websites and applications

  • Compliance audit of websites and mobile applications
  • Scan cookies and “third-party” trackers on web and mobile applications


Florence BONNET Partner

An idea, a need ?
Tell us about your project