Data privacy & GDPR

Mazars supports you in achieving and maintaining data protection & privacy compliance.

Outsourced data protection officer services

Many organisations that require a DPO cannot attract or justify paying for an individual that meets the capability and seniority requirements. We can provide an outsourced DPO service that is tailored to your needs and will overcome these issues.

GDPR Certification

Mazars has partnered with Europrivacy to provide companies with General Data Protection Regulation (GDPR) compliance certifications. This is the first GDPR certification to be created since the launch of the GDPR four years ago and has been authorised by the European Data Protection Board (EDPB). This certification positions companies as front-runners in data protection with a strong competitive advantage in the market.

Data protection by design and by default

The general data protection regulation (GDPR) provides for two crucial concepts for future project planning: Data Protection by Design and Data Protection by Default (DPbDD). While long recommended as good practice, both principles are enshrined in law under Article 25 of the GDPR. Our expert team can guide you though the approach and process of building privacy by design into your products, services or business.

Outsourced subject access requests

Satisfying subject access requests can require a significant amount of time and effort. Gathering the data, filtering the records, making decisions on what is necessary and redacting information appropriately can turn one SAR into a standalone project.  Our experts can manage the DSAR process in a streamlined, time and cost-efficient manner.

Data protection impact assessments

Where there is a high risk to individuals from a changed or new use of data, it will be necessary to complete a DPIA.  These assessments require input from multiple stakeholders and careful crafting to ensure the risks are identified and addressed in an articulate manner.  We will ensure that your DPIA can stand up to regulatory scrutiny.

GDPR audit

One of the challenges for boards is gaining a level of assurance in relation to the organisations' data protection risk.  A data protection audit provides you with the assurance of your compliance efforts to date.

3rd parties and international transfers

Sharing personal data with 3rd parties requires a consistent and developed process that includes due diligence and data-sharing agreements. If the sharing includes an international transfer to a country without an adequacy decision then a mechanism must be introduced, such as Standard Contractual Clauses. Following the Schrems II decision in 2020, a data transfer impact assessment (DTIA) is also required.

Implementing GDPR

Achieving and maintaining compliance will continue to be a challenge for organisations as the regulatory landscape changes.  Our implementation programmes are designed to meet business needs and drive towards strategic goals in a sustainable manner.  Our goal is to ensure that you have the tools and knowledge to maintain ongoing compliance with no further assistance.

Breach response

Breach management may be time and effort intensive.  Our experts quickly and accurately identify and manage risks as required and have a large amount of experience in dealing with various supervisory authorities, including the Data Protection Commission. We ensure that we keep the safety of data subjects front and centre.

Compliance technology enablement

We are accredited partners with industry-leading data protection compliance technology providers with experience in large-scale implementation projects across multiple industries.

Responding to regulation and case law

The data protection and compliance landscape is changing and developing as regulators and data subjects become more informed of processing activities.  Further to this, the digital landscape is changing, with new regulations being announced, such as the Digital Services Act (DSA) and the Artificial Intelligence Act (AI Act).  Our experts can interpret these changes and regulations and what they mean for your business.

Data protection process improvement

As processes are embedded and matured, now is the time to ensure they provide the desired outcomes.  We combine industry best practices in process improvement and change management, such as Lean Six Sigma, and our data protection expertise to ensure your processes are operating effectively.

Got a question? Just get in touch

Join our mailing list

We have insights into developments that affect your business. We can provide you with unique perspectives and thoughtful solutions so you can meet new challenges and seize opportunities. Subscribe here

Data protection news