Skip to content
White Label Consultancy Logo White // Privacy and Data Protection // Strategic Advice

White Label

Data Protection Impact Assessment

A Data Protection Impact Assessment goes beyond a rigid application of the legal requirements. It requires an interdisciplinary approach and experience.

Key element of Data Protection Impact Assessment is understanding the underlying technology. We bridge the gap between technology and law by having experts in both fields work side by side to assess your project.

Data Protection Impact Assessment // White Label Consultancy
Reach out!
  • We make sure to truly understand the technology before starting the assessment
  • We provide you with an assessment framework that meets the requirements of GDPR
  • You benefit from our developed taxonomy of data protection risks
  • We apply our risk management expertise to help you balance the risks
  • We suggest how risks can be mitigated
    • Our Approach
    Our Approachby Magdalena Góralczyk
    We have hands-on experience assisting with DPIAs concerning the implementation of the following product categories:

    • Employee monitoring technologies, CCTV operations
    • Collaboration tools with employee-tracking elements
    • Technologies supporting Security Operations Centre (SOC)
    • Large projects involving changes in telecommunications infrastructure
    • Analysis of movement patterns and movement data (‘smart cities’)
    • Use of wearable devices for health monitoring
    • AI-powered automated process improvement
    • Cloud-based outsourcing
    • Enterprise adoption of Google, Microsoft and Amazon products (for example Google Translate, Office365 or Amazon Alexa)
    • Building of an enterprise-wide Data Lake
    • Secondary use of data, including that related to health or mobility
    • Data collection, analysis and profiling in the ad-tech environment.
    Our Experience
    Our Experience
    According to art. 35 of GDPR initiatives involving certain uses of data must undergo mandatory Data Protection Impact Assessment (DPIA). Such DPIA looks at the risks that the intended use of data may cause to people whose data are to be processed. In particular your organisation will require a DPIA when your intended processing of personal data:

    • Introduces new technology
    • Is carried out on a large scale
    • Involves automated decision making, profiling
    • Tracks location of people
    • Entails employee monitoring activities or public surveillance
    • Involves data of children or other vulnerable groups of people
    • Includes sensitive types of data such as genetic, biometric or otherwise health related.

    From Legal Point of view
    From Legal Point of view
    Previous
    Next

    By working with us and utilising our broad experience, you can have your DPIA done effectively and efficiently. Our goal is to make sure the outcomes we provide are constructive.

    We understand that the nature of certain technologies leads to inherent conflicts of certain data protection principles (e.g. big data vs. data minimisation principle, or AI vs. transparency principle). In such situations, certain trade-offs may be acceptable, but they must be applied with extreme caution. Our knowledge of technology and deep experience in practicing data protection puts us in a good position to guide you through these challenges.   

    Data Protection and Privacy // White Label Consultancy

    Get in touch!

    Schedule a conversation with us or drop us a mail to see how we can help in shaping your strategic privacy and data protection position!

    Contact