Skip to content

GDPR Compliance Services

GDPR Compliance support tailored to your organization.

Our GDPR compliance services are designed to support organizations of all sizes, from single-jurisdiction operations to those operating across multiple regulatory environments.

Trusted by leading organizations worldwide:

PH_300x110
AM_300x110
AC_262x110
VF_300x110
BN_300x110
BG_300x110
WB2_143x110
FT_300x110
RB_300x110
NGS_226x110
AZ2_239x110
PS_112x110
SX3_344x110
DS_300x110
CS_136x110
PT_300x110
AE_300x110
PW_167x110
RR_300x110
AVE_197x110
PM_275x110
KF_300x110
QA_229x110
DRI_247x110
BL_120x110
GLY_300x110
NEX_240x110
KM2_300x110
PA_300x110
SA_257x110
TEX_300x110
WE_271x110
ZI_300x110
WM2_132x110
MM_259x110
SO_300x110
SEC_188x110
BC_300x110
EVE_300x110
PH_300x110
AM_300x110
AC_262x110
VF_300x110
BN_300x110
BG_300x110
WB2_143x110
FT_300x110
RB_300x110
NGS_226x110
AZ2_239x110
PS_112x110
SX3_344x110
DS_300x110
CS_136x110
PT_300x110
AE_300x110
PW_167x110
RR_300x110
AVE_197x110
PM_275x110
KF_300x110
QA_229x110
DRI_247x110
BL_120x110
GLY_300x110
NEX_240x110
KM2_300x110
PA_300x110
SA_257x110
TEX_300x110
WE_271x110
ZI_300x110
WM2_132x110
MM_259x110
SO_300x110
SEC_188x110
BC_300x110
EVE_300x110

Simplify GDPR Compliance

The General Data Protection Regulation (“GDPR”) is the European Union’s comprehensive privacy law, which likely applies to your organization, even if you have no physical or legal presence in the EU.

VeraSafe’s GDPR compliance engagements pair in-house U.S. and European attorneys with technologists and project managers, making your GDPR consulting team uniquely cross-functional. In contrast to large law firms, VeraSafe doesn’t shy away from the complex intersection of IT and law.

Schedule a Free Consultation

We'd love to learn more about your compliance needs. In this session, a member of our team will tell you more about our program, give you an opportunity to ask questions, and gather any information needed to provide you with a proposal.
Form-steps-verasafe-green-final-1
Wow Intro

The awesome title

Text modules don’t have to be simple, you can add personality to them without this being a problem.

All blocks are customizable, add, change and choose the best for your brand.

Link here
pexels-mikhail-nilov-8322997

Key activities include:

  • Library of SOP Templates


    VeraSafe has painstakingly developed a library of data protection-related standard operating procedure templates that can be easily customized to fit your particular circumstances. We also refine your existing procedures to help ensure your operations comply with applicable privacy and cybersecurity laws.

  • Data Protection Impact Assessment (“DPIA”)


    Before starting new data processing initiatives under the GDPR, a data protection impact assessment must be performed, in certain cases. VeraSafe offers complete assistance and impartial advice on your DPIA, in addition to a DPIA template and documented DPIA procedure template for you to use in conducting your own DPIAs.

  • Privacy Training for Staff


    VeraSafe provides our proprietary all-in-one privacy and security training program: PrivacyTrain. This integrated Learning Management System includes popular computer-based training content, which can be applied across your entire organization. Detailed reporting helps you document and demonstrate compliance.

  • Data Protection Officer and EU Data Protection Representative Service


    VeraSafe provides both outsourced Data Protection Officer (DPO) services and GDPR Article 27 EU data protection representative services.

  • Notice and Consent

    VeraSafe will review your organization’s privacy policy and propose improvements to the existing privacy policy, or draft a new one, as necessary, to comply with the GDPR. If consent is the most appropriate legal basis for certain data processing operations in your organization, we will analyze your organization’s current data collection points and recommend ways to implement consent management, or improve the quality of the consent acquired, with respect to the requirements of Article 7 of the GDPR.

  • Privacy Rights


    VeraSafe will analyze each information system within the scope of your exposure to the GDPR and identify cases where data subject rights (right to be forgotten, right to access, correct, update one’s personal data, right to restrict processing, etc.) are not supported. Our team will help you score or rank all compliance gaps and develop real-world solutions to close critical compliance risks.

  • Vendor Risk Management


    The GDPR includes specific obligations that you must pass down to any service organization you engage to process personal data on your behalf. VeraSafe has a mature methodology, including an internal knowledge base covering our approach to successfully negotiating GDPR-compliant data processing addenda with common service providers. Additionally, we help you assess vendor compliance by analyzing their third-party audit reports, or vendor security questionnaires.

  • Data Mapping and Discovery
    VeraSafe guides you through a discovery exercise, to develop your records of data processing (as required by Article 30 GDPR). This set of diligence becomes an essential information resource throughout your initial GDPR compliance project, and beyond.

     

Top Project Management Methodology

Our proprietary project management methodology ensures that we are able to meet tight deadlines and accommodate aggressive timelines. Your VeraSafe project team will include a qualified project manager who is responsible for managing the overall pace, organization, and efficiency of your compliance project. The project manager has the ability to draw on the resources and expertise of the entire VeraSafe team, when needed, to accelerate the completion of deliverables.

 

Experienced Team

Our more than 50 team members include American and European attorneys, compliance professionals, and IT security experts with in-depth knowledge of the GDPR. Our ranks include former regulators and Vault Law 100 attorneys, Certified Information Privacy Professionals (CIPP), Certified Information Systems Auditors (CISA), and alumni of Big 4 professional service firms.

Jim Cormier, Partner

Jim Cormier
Sr. VP and Head of Professional Services
CIPP/E, CIPM, FIP

Zia Maharaj, Partner

Zia Maharaj
Partner
CIPP/E, CIPP/US, CIPM, GCP for Clinical Trials (ICH Focus)

Kellie-du-Preez-500x500

Kellie du Preez
Partner
CIPP/E

Isabel Fernandez 500x500

Isabel Fernández Del Campo Aguiló
Senior Privacy Counsel
CIPP/E, CIPP/US, CIPM, CIPT