Areas of Activity
Privacy GDPR 2016/679
Cecinelli & Partners Law Firm provides legal advice and support in relation to all matters concerning the updating of the European Data Protection Regulation 2016/679 (GDPR).
In recent years the term privacy has become part of common usage and, in the Italian legal system, we can identify it as the right to privacy of the individual with respect to any interference or disclosure of his/her data by third parties without authorisation.
If up to now, in Italy, privacy legislation has been repeatedly "circumvented" and/or never taken into consideration by Italian companies, the European Regulation for Data Protection n 2016/679 (GDPR) has made it mandatory in all the member countries to respect their 99 articles, which provide for numerous fulfilments of varying magnitudes. Some are simple to understand, especially if they are inherited from the previous regulatory framework. Others, however, are completely new, specifically tailored to the technological society and its invasive capacity in data subject privacy.
In detail, the Cecinelli & Partners Law Firm offers its expertise in:
- consultancy for the correct processing of personal data and control of the documentation relating to privacy, with particular focus on the changes introduced by the GDPR, relations with external managers, relations with data controllers, new rules on information and consents, privacy by design, privacy by default, keeping a register of processing activity, data breaches, DPIA - Data Protection Impact Assessment and data security, DPO - Data Protection Officer, right to erasure ("right to be forgotten"), right to data portability andtraining and education of the "appointees".
- Updating of existing documentation based on the new features of the GDPR.
- Preparation of the various types of information (clients, suppliers, employees, websites, etc.)
- Control of communications with the Guarantor Authority for the protection of personal data
- Affiancamento presenza sul posto in caso di accertamenti e ispezioni da parte dall’Autorità garante per la protezione dei dati personali and on-site support presence in the event of checks and inspections by the Guarantor Authority for the protection of personal data.
The regulation specifies various penalties for those who do not apply it correctly. In fact, omitted or unsuitable information implies a limitation of the informative self-determination of the interested party and is punished by Art.161 of the Privacy Code. This is a provision that provides for a fine, ranging from three thousand to eighteen thousand euros, in the event that the omitted or inappropriate information refers to personal identification data, but in some cases there is also an increase in the penalty from five thousand to thirty thousand euros.