GDPR Compliance Audit

Duration Duration
1 - 2 weeks
Price Price

We can audit: your company, single processes, products, software in order to comply with the General Data Protection Regulation (GDPR), eliminate gaps and demonstrate compliance to partners or just to see the whole picture.

During the audit of the company we check for:

Presence of mechanisms which ensure that data is processed:

- based on one of the legal grounds mentioned in art. 6 of the GDPR;

- fairly and in a transparent manner with respect to data subjects;

Whether information is kept:

- up to date and

- in limited scope necessary in relation to the purpose for which it is processed;

The period for which the personal data will be stored is:

- adequate and

- when expired, the information is erased;

A subject has the rights:

- to access;

- to be forgotten;

- to rectification; etc.

The company complies with national laws, regulations and guidelines of supervisory authorities in the area of data protection;

Data protection system is effective and functions according to best practices;

Company is able to demonstrate compliance with data protection requirements to supervisory authorities, data subjects, business-partners.


Work stages:

We fill out the checklist to access the level of GDPR compliance
Interview heads of departments and employees, and analyse document and material evidence
Draw up an auditor’s report
We present and discuss the report


Olga Zavalniuk CIPP/E, CIPP/US
Olga Zavalniuk
Expert in Data Privacy, Certified Information Privacy Professional (CIPP/E & CIPP/US - Europe & United States), member of International Association of Privacy Professionals (IAPP)
Siarhei Varankevich CIPP/E, CIPM, MBA
Siarhei Varankevich
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016

Audit goals:

• Provide heads of the company with clear vision about data protection in the company and define gaps;
• Audit is a start point for project development or GDPR compliance action plan; 
• Demonstration of company’s GDPR compliance to the companies-contractors.

Audit benefits:

• Facilitates compliance with the GDPR.
• Measures and helps improve compliance with the internal data protection system.
• Increases the level of data protection awareness among management and staff.
• Provides information for data protection system review.
• Improves client satisfaction by reducing the likelihood of errors leading to a complaint.