Simulation of an onsite or remote GDPR audit

In effect for over two years, the General Data Protection Regulation, or GDPR, imposes a legal framework for the management of the data collected by organisations. To that end, companies in Luxembourg must become compliant with the law and follow the recommendations of Luxembourg’s authority, the National Commission for Data Protection (Commission Nationale pour la Protection des Données or “CNPD”), or risk a potentially substantial administrative fine.

The transition period following the applicability of the GDPR ended as the CNPD’s president, Ms. Tine A. Larsen confirmed it would in 2019. Since then, the CNPD has launched several audit and monitoring campaigns, reinforced its teams for this purpose and the first sanctions are now awaited.

An onsite or remote audit

During our support for a GDPR audit, our experts evaluate your compliance with the regulatory requirements and assist you in preparing for inspection by the supervisory authority. DSM Avocats à la Cour proposes a methodology inspired by the  procedure implemented by the European supervisory authorities for their inspections. The audit includes DSM Avocats à la Cour’s advice on market best practices, detailed knowledge of the sector, an overview of the regulatory landscape and the interactions with regulatory authorities with respect to onsite inspections.

Onsite or remote audits can cover several topics:

Our approach and methodology

Because coming into GDPR compliance must be done quickly, efficiently and with flexibility, we offer you a tailored solution that includes a road map and deliverables that are rapidly adaptable to your particular situation.

We have prepared the entirety of the legal documentation necessary for a company’s coming into GDPR compliance based on models from the inspecting authorities, or those which we have drafted ourselves over the months based on the applicable texts, recommendations from the European supervisory authorities (EDPB and national authorities such as the CNPD, CNIL, CPVP, BFDI or ICO), as well as recommendations from recognized authors. Our training as lawyers and company advisors allows us to draft our models with a detailed legal approach, with the goal of ensuring flexibility and simplicity upon later use by the persons involved.

This simulation will not only help you to prepare for a potential CNPD inspection, it will also improve your current data management and regulatory compliance.

How can DSM Avocats à la Cour assist you?

Our Digital team supports you in your coming into GDPR compliance pursuant to the Luxembourg authority’s expectations.

As pragmatists, we see the GDPR not as a constraint, but rather as an opportunity to give your clients and partners more confidence in your  organisation. For us, the GDPR is a useful and necessary development in the management of natural person personal data.

This approach allows us to support a diverse clientele including banks; e-commerce businesses; fiduciaries; telecommunications, transport, health and real estate sector businesses; restaurateurs and delivery businesses; public bodies; communication agencies and fitness centers.