Privacy Policy and Notice Drafting

Our certified experts in the field of personal data protection will develop a privacy policy for you that fully complies with the GDPR.




The privacy policy is one of the key documents according to the GDPR. The privacy policy displays all information about personal data that are used by the company or service: what kind of data is used, how they are collected, why they are stored, etc.

It allows the user to familiarize themselves with the categories of data that they transmit, as well as with the purposes of the data collection and methods of their protection. Therefore, the GDPR privacy policy should be publicly available on the website or application and should be visible to all visitors.

The visitor may be an employee of the supervisory authority, a dissatisfied customer, or an unscrupulous competitor. All of them can easily detect the absence of a privacy policy or that it does not comply with numerous GDPR rules and the Guidelines on Transparency. Thus, there is a constant risk of being fined or experiencing unpleasant communication with the supervisory authority.

Even if you already have a privacy policy for your website, closing this page and forgetting about the GDPR forever will not work. You will have to do changes. Time goes by, the Regulation is being updated, the GDPR requirements are changing. Because of that, your privacy policy could be outdated. Unfortunately, a template or copy of someone else's document is also not suitable for you, since a privacy policy has to be unique for each organization:


✓  Your processing procedures are different from other companies.

✓  You collect other types of personal data.

✓  You use your own set of cloud services.

✓  Your site contains its own unique set of counters, trackers, and other functions.

✓  You provide access to your customers' data for services in different countries.


You can try to figure out the complexity of the GDPR by yourself, but we have a better idea!


Our offer:


Save 1-2 years of your and your company’s time and assign the task to our certified specialists. The standard 10 hours of our consultant's work include several stages.


Interviewing employees to identify processing procedures2-4

Checking your website for the presence of trackers, counters, and web forms


Defining the goals and legal ground for processing1-2
Setting data storage periods1
Identification of cross-border data transfers (when data are moved outside the EU)0,5-2
Drafting a privacy policy in English4-6
Presentation of results0,5-1

* If the amount of work exceeds 10 hours, we will notify you in advance and guarantee that the remaining work will be performed by a senior consultant at a discount rate of € 200/hour (instead of the standard € 250/hour).




Duration Duration
Up to 3 weeks
Price Price

What are the advantages?

Saving time
Save months or years of self-study of the GDPR.
Protect yourself from fines and complaints.
Estimate the changes needed in your company for GDPR-compliance.
Feel confident when working with personal data.

Privacy Notice check-list

We have gathered all the requirements for you and put them in a convenient checklist with links (which appear when you hover the link) to specific GDPR articles and Guidelines.

To receive it, please enter your email address in the form below and we will send the file to your email address.

Download PDF

We will send you:

1. Check-list Privacy Notice

2. Link for subscribing to our mailing list with similar events and materials

скачать чек-лист


Olga Zavalniuk CIPP/E, CIPP/US
Olga Zavalniuk CIPP/E, CIPP/US
Senior Consultant DPO LLC, Data Protection Officer
Expert in Data Privacy, Certified Information Privacy Professional (CIPP/E & CIPP/US - Europe & United States), member of International Association of Privacy Professionals (IAPP)
Maria Arnst CIPM
Maria Arnst CIPM, TÜV, Strategic Privacy by Design, DPP
Data Protection Officer, GDPR Consultant, Privacy researcher
Certified Information Privacy Manager, member of International Association of Privacy Professionals with experience of being a Data Protection Officer for European companies, including those focused on privacy and data security. Certified as Data Protection Officer by TÜV (Germany's leading and one of the world's leading independent testing and certification services group), trained in Strategic Privacy by Design.
Pavel Lazavenka LLB, GDPR DPP
Pavel Lazavenka LLB, GDPR DPP, Strategic Privacy by Design
GDPR Consultant
LLB, GDPR Data Privacy Professional. Specializes in Data Processing Agreements, drafting and auditing of privacy notice (privacy policy), DSARs management. Able to assist you with the DPIA and LIA. Trained in Strategic Privacy by Design.
Siarhei Varankevich CIPP/E, CIPM, MBA
Siarhei Varankevich CIPP/E, CIPM, MBA, FIP
Founder of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016. In 2020, he was awarded the title of IAPP Fellow of Information Privacy (FIP) thanks to the recommendations of respected experts.


    The course is loading, wait a few seconds