Menu
Data protection and privacy
– Adaptation service to Law 29/2021, of October 28, Qualified Protection of Personal Data (LQPD) and Decree 391/2022, of 9-28-2022, approving the Regulations for the application of Law 29/2021, of October 28, Qualified Protection of Personal Data.
– Advice, consulting and daily support for compliance with the law.
– Business training service.
A project in 3 phases
We accompany you in your adaptation project to the new GDPR law, building the project in 3 phases:
1. Registration phase: Preparation of the Treatment Activities Registry (RAT) + Risk Analysis and Impact Assessments (AREI).
2. Procedures phase: Review and adaptation of data processing of: clients, workers, students, candidates, suppliers, collaborators, video surveillance systems, marketing, websites and other data processing related to any group. Consent clauses, informative clauses and posters, employment contracts, contracts with suppliers, treatment commission contracts, legal texts on websites, internal protocols and policies, any other necessary legal document.
3. Training plan: Annual in-person, live or online training plans with objective achievement test and business certificate.
Trademark and patent services
Application of measures and controls with the aim of achieving the confidentiality, integrity and availability of the company’s data. Joint work with the data protection service.
Domain management
Second-degree DNS domain name registration management: .ad
Use of State signs
Personalized advice to natural or legal persons to obtain authorization to use the distinctive signs of Andorra.
Data Protection Officer
Development of the tasks of their position listed in the regulations (art. 38.7 LPQD art. 23 LQPD application regulations), by a team of professionals who meet the requirements, knowledge and qualifications (art. 38.5 LQPD and 22 LQPD application regulations LQPD application).
In case of hiring, the Officer’s service can be external or collegiate, and includes a series of work hours that the company may take advantage of for consulting purposes.
Periodic meetings
Periodic meetings (monthly, quarterly or semi-annual) to monitor the project. Likewise, the service includes daily consulting on privacy matters.
Creation of evidence
Preparation of the call for meetings with a specific agenda. Preparation of minutes of meetings in which the content of the meeting, the decisions taken and the tasks to be carried out are recorded.
Information security programs
Application of measures and controls with the aim of achieving the confidentiality, integrity and availability of the company’s data. Joint work with the data protection service.
Information Security Management Systems (ISMS)
Implementation of Information Security Management Systems with the objective of obtaining ISO/IEC 27001 + ISO 277001 (ISO/IEC 27009) certification.
Business continuity and disaster recovery plans (BCP/DR)
Establishment of measures to guarantee business continuity in the event of a disaster (Business Continuity Plan / Disaster Recovery).
Smart Contracts
Advice on Smart contracts and blockchain technology. Programming of Smart Contracts on the Ethereum network, under the Solidity language and ERC-20 and ERC-721 standards.