Data protection (GDPR) consulting

Why is data protection law important for you or your company?

The manager of personal data can be a natural person, a legal person or any other organization without restriction. Taking into account the exceptionally wide scope of personal data and the fact that basically anyone can be a data manager, we can declare that all companies have to face a potential obligation of complying with data protection law requirements. 

What risks come with a violation of data protection rules?

Based on the Information Act currently in force, the cap on the fine that may be imposed in the case of a data protection infringement is 20 million forints, which will increase substantially upon the entry into force of the new data protection regulation (GDPR) in May of 2018. 

Why should you turn to us with data protection law questions?

Our employees specializing in data protection are experts qualified and have extensive experience also in competition law, intellectual property, corporate, labour and economic law. A data protection infringement may have significance in other fields of law also; be it civil law in which the right to the protection of personal data qualifies as a specified right relating to personality or criminal law. A violation of a specified right relating to personality committed together with a data protection infringement may imply parallel data protection law and civil law sanctions. In criminal law, an abuse of personal data qualifies as a crime. If the data protection authority identifies a grounded suspicion of commitment of a criminal act during a procedure, it will initiate a criminal procedure. 

Data protection related non-compliance may have a serious risk formulated in various branches of law, which may, in certain cases, arise parallelly in the efficient management of which you may rely on the expertise of our legal team. 

Our data protection law services

In relation to the ensuring of compliance with data protection law requirements, we provide the following services: 

A)For data managers

1.Data protection due diligence and recommendations

• Identification of areas and processes within the operation of the given organization that are potentially concerned by data protection; 
• Identification of data management that is relevant for purposes of legal regulations;
• Identification of specific statutory obligations applicable to the processes of the client and identification of potential deficiencies and areas needing correction in relation to compliance with data protection law; 
• Preparation of an action plan with specific recommendations in order to remedy the risks and errors identified as a result of the due diligence; 

2.Data protection documentation

• Implementation of the recommendations specified in the action plan; 
• Preparation of the necessary policies or amendment of existing policies; 
• Support in the execution of data protection impact assessment; 
• Organization of records;

3.Representation in procedures

• Legal representation of persons, organizations qualifying as data managers in procedures in front of the data protection authority and in potentially connected litigation; 
• Representation in procedures relating to civil law infringements of rights relating to personality; 
• Representation of the defendant in criminal procedures relating to abuses of personal data; 

B)For natural persons qualifying as data subjects

In the case of any abuse of personal data: 

• Legal representation in the field of data protection law;
• Enforcement of civil law claims in the case of an infringement of personality rights relating to personal data;
• Representation of the infringed party in criminal procedures relating to an abuse of personal data.