- Compliance with the “general data protection regulation”
- Audit, mapping and identification of issues in the area of personal data protection
- Data governance and “privacy & security by design” organisation (impact assessments, “personal data protection” committees etc.)
- Contract management in the area of personal data protection
- Reference documents: charters, internal policies, codes of conduct, clause check-lists etc.
- Maintaining operational compliance and project management: big data, smart data, business intelligence, data management platforms etc.
- Data protection officer (DPO): outsourcing, legal assistance etc.
- Security breach management (data breaches)
- Inspections, pre-litigation and litigation of the Commission Nationale Informatique et Libertés [French Data Protection Authority (CNIL)]
- Respect for the rights of the data subjects: information statements, personal data protection policies, assistance in responding further to the exercise of their rights by the data subjects (e.g. right of access, right to be forgotten, right to object, etc.)
- Framework for cross-border data flows
- Ethics and compliance (ethics alerts & whistleblowers, anti-corruption and money laundering, codes of ethics etc.)