top of page

Expert Privacy Compliance Services 

Tailored Solutions to Ensure Your Privacy Program Rocks

My experience has seen me facing some very interesting challenges. I bring together experience and strategy acquired working with companies in digital services, automotive, IT, AdTech, banking, online stores, healthcare and more. I've assisted in the management of companies whose activity “touched” millions of people. As the Chinese would say - I’ve looked into the eyes of the dragon and lived to tell the tale.

Services

Providing you with results. 

Creating and managing your privacy program and team.

Professional Data Protection Officer service under the EU and UK General Data Protection Regulation.

External DPO Service

Partnering with me to act as your external DPO provides your organization with the hyperspecialized  expertise needed to navigate the complexities of GDPR compliance effectively, as well as an impartial perspective, free from internal conflicts of interest. By outsourcing your DPO responsibilities to me, you can focus on your core business operations while ensuring a robust data protection compliance program is in place.

The content of the services will be fully tailored to the needs and risk profile of your organization

Tall Buildings

EU Data Protection Compliance Services

EU data protection requires tailored, practical solutions. My compliance services offer the expertise and support needed to address complex privacy challenges, ensuring your organization meets regulatory obligations with confidence

1

Processing Activity Records

Inventory of data processing activities, gap analysis and recommendations.

2

Data protection impact assessments

Risk identification and suggestions for mitigation, evaluation and determination of appropriate grounds for processing, legitimate interest assessments and privacy notices review. 

3

Assessment of processor compliance

Evaluating third-party processors to ensure they meet EU data protection requirements, including a review of the processor's practices and of contractual obligations to assess risks and identify mitigation measures.

4

Data Protection Agreements

Drafting, review and negotiation services for processor agreements, including the interplay with Standard Contractual Clauses, as well as joint controllership agreements, data sharing agreements, and other data related contracts.

5

Transfer Impact Assessments

Evaluating the risks associated with data transfers outside of the EU, including assessing the adequacy of safeguards in place, and recommending measures to mitigate potential compliance risks.

6

GDPR Gap Analysis / Compliance Review (Audit)

Measuring the level of compliance for selected data processing activities, or more broadly for departments or legal entities. 

7

Europrivacy Implementation Support

Europrivacy is currently the only pan-European GDPR certification scheme. Certification can greatly benefit a business as it conveys a high degree of commitment to protecting personal data. As a certified Europrivacy implementer, I can help your business prepare for certification. 

8

Embedding Privacy in Product Development

Having policies in place that require privacy to be considered from the outset is great, but without operationalisation through adequate responsibilities and processes, you will be left with paper compliance. I work with teams to embed privacy directly into development, in order to create products that are compliant by design, not just on paper. 

9

Data Breach Response

Comprehensive support for data breach response, including immediate containment and assessment of notification requirements in accordance with EU data protection requirements. 

10

Data Subject Rights Management

Assistance with the management and fulfilment of data subject rights requests, including access, rectification, deletion, and automated decision making, in accordance with EU data protection law.

11

ePrivacy Compliance Advice

I provide tailored advice and guidance concerning website compliance (design, trackers, cookie banners), marketing campaigns, commercial emails, but also IoT device notices, choices and and settings. 

Quick tip - it's not GDPR requiring consent.

12

...And More

If you need additional support with any aspect of EU data protection law, I have you covered. From unique compliance challenges to evolving regulatory requirements, I offer tailored solutions to meet your organization’s specific needs.

Black and white scene

External Data Protection Officer

Partnering with me to act as your external DPO provides your organization with the hyperspecialized  expertise needed to navigate the complexities of GDPR compliance effectively, as well as an impartial perspective, free from internal conflicts of interest. By outsourcing your DPO responsibilities to me, you can focus on your core business operations while ensuring a robust data protection compliance program is in place.

The content of the services will be fully tailored to the needs and risk profile of your organization.

Abstract Architecture

Privacy Program Management

  • Dimensioning and Setting Up a Privacy Team

  • Setting Up a Privacy Program

  • Establishing Metrics and Reporting

  • Assessing Privacy Program Maturity

  • Policy Writing

  • Bespoke Training Programs

  • Creating Risk Assessment Processes

  • Setting Up Third Party Risk Management

  • Setting Up Privacy by Design and Default Processes

  • Template Creation

EU Data Protection Compliance Services

  • GDPR Certification Preparation under the Europrivacy scheme

  • Data Protection Audits

  • Embedding Privacy in Product Development

  • Data Protection Agreements

  • Transfer Impact Assessments

  • Data Protection Impact Assessments

Modern Concrete Architecture

What Clients Say

Andreea was our privacy expert during a complex project. Her extensive data privacy knowledge and her great negotiation & leadership skills during the negotiations facing the customers legal & privacy teams was instrumental  I am extremely happy to have Andreea as a team player leading difficult negotiations on privacy matters.

Peter, Sweden

“Andreea has a strong work ethic, is meticulous, dedicated and dependable. In addition to her professional skills, she has a real passion for data protection and continuous learning, and for sharing her knowledge.”

Marie, USA

“Working with privacy and data protection has been life-changing, all thanks to Andreea. She was my inspiration to dive into this field. Andreea has an incredible ability to translate the hardest and most abstract concepts into real-life application. Unlike other courses, I can always immediately apply the knowledge I gain.”

Fernanda, Brazil

Ready to take your privacy program to the next level?

Data Protection Lawyer

clients say

Kind Words

“Andreea was our privacy expert during a complex project. Her extensive data privacy knowledge and her great negotiation & leadership skills during the negotiations facing the customers legal & privacy teams was instrumental  I am extremely happy to have Andreea as a team player leading difficult negotiations on privacy matters.”

Peter, Sweden

“Working with privacy and data protection has been life-changing, all thanks to Andreea. She was my inspiration to dive into this field. Andreea has an incredible ability to translate the hardest and most abstract concepts into real-life application. Unlike other courses, I can always immediately apply the knowledge I gain.”

Fernanda, Brazil

“Andreea has a strong work ethic, is meticulous, dedicated and dependable. In addition to her professional skills, she has a real passion for data protection and continuous learning, and for sharing her knowledge.”

Marie, USA

Contact

It  takes  less  time  to  do  a  thing  right  than  to  explain  why  you  did  it  wrong.


Henry Wadsworth Longfellow

Request a Quote or an Intro Call

Let's discuss your needs or your vision and how I can help you make them happen!

If you need to provide longer details, please email me at hello[@]privacycraft.pro.

Colorful Envelopes

Ready to take your privacy program to the next level?

Let's discuss your needs or your vision and how I can help you make them happen!

If you need to provide longer details, please email me at hello[@]privacycraft.pro.

The Foundation

When you build a world, you must be careful to provide it with a strong and lasting foundation. Businesses, both big and small, are miniature worlds where the brand is highly defined by the relationship with the clients. Today, and ever more so in the future, the observance of the regulations related to the processing of personal data (of clients, users, employees, etc.) is becoming a hallmark in defining trust in a brand, and the source of significant competitive advantage.

Privacy Program Management

Comprehensive privacy management solutions to integrate privacy into every aspect of your organization, from team setup and risk management to privacy by design

1

Dimensioning and Setting Up a Privacy Team

Assessing and establishing a privacy team tailored to your organization’s needs, including defining essential roles, responsibilities, and reporting structures to ensure compliance with privacy laws on a global scale. This service provides a strategically structured team equipped to manage risks and integrate privacy across the organization effectively.

2

Setting Up a Privacy Program

Developing a comprehensive privacy program that aligns with your applicable privacy laws. This service includes establishing a framework as well as policies and processes tailored to your organization’s needs, creating a solid foundation for effective privacy management in a multi-country context.

3

Establishing Metrics and Reporting

Defining key metrics to measure the effectiveness of your privacy program and the performance of your privacy team. This service also establishes structured reporting processes to provide management and other stakeholders with clear insights into privacy compliance and program efficiency.

4

Assessing and Advancing Privacy Program Maturity

Evaluating the current maturity level of your privacy program and identifying areas for growth to align with industry best practices and regulatory expectations.

5

Drafting Policies and Procedures

Creating tailored privacy policies and procedures that align with global regulatory requirements and best practices. This service ensures your organization has clear, actionable documentation to guide compliance efforts, manage data handling processes, and support a robust privacy culture across all levels.

6

Bespoke Training Programs

Developing tailored training programs, including in-depth training for privacy professionals as well as targeted sessions for other teams, such as training software developers on embedding privacy into their development process from the outset.

7

Privacy Risk Management Implementation

Implementing a comprehensive privacy risk management process that addresses risks across the organization. This service establishes structured procedures for identifying, assessing, and mitigating privacy risks beyond just PIAs.

8

Setting Up Third Party Risk Management

Establishing a structured third-party risk management process to evaluate and monitor privacy risks associated with vendors, partners, and other third parties.

9

Setting Up Privacy by Design and Default Processes

Creating and embedding Privacy by Design and Default processes throughout your organization to ensure that privacy considerations are integral to every stage of product and service development. This service establishes protocols and accountability for integrating privacy proactively, from initial planning through to deployment, helping to achieve compliance and build trust by design.

10

Template Creation

Developing customized templates to streamline privacy compliance efforts across your organization - privacy impact assessments, data processing agreements, data subject request responses, and other key documents, ensuring consistency and efficiency in meeting regulatory requirements and internal privacy standards.

12

...And More

From specialized compliance frameworks to customized privacy solutions, I provide comprehensive services to address every aspect of your privacy program. 

bottom of page