GDPR advisory

In today's world, even as a small and medium-sized entrepreneur, we have a lot of data to deal with, just think of the lists of clients, the various employee records, the CVs of candidates that we keep. From 25 May 2018, the protection of individuals' data in Hungary is also governed by the new EU Data Protection Regulation.

Data protection has become a priority since the GDPR came into force, so your company must also comply with the requirements of the regulation.? GDPR is an acronym formed from the initials of the General Data Protection Regulation, in Hungarian?”általános adatvédelmi rendelet”. The GDPR came into force in the 28 EU Member States, including Hungary, in May 2018, and it fundamentally changes the previous data protection routine. It's no coincidence that it is considered one of the strictest regulations: the National Authority for Data Protection (NAIH) can impose fines of up to €20 million (HUF 6 billion) on those who do not comply with data protection rules.

This compliance may also require GDPR advisory. However, compliance implies a review of the organisation and its data management processes, the creation of a data map, an audit, the creation of action plans, their implementation and regular monitoring.

Companies often only become aware of irregularities in their data processing operations when they are already being prosecuted by the data protection authority.? But it is worth avoiding a fine of several million euros and seeking the help of GDPR consultants before the authorities arrive.  During the data protection audit, we assess the customer's personal data management. Based on the results of the audit, we make tangible, practical recommendations to ensure that the audited company is as compliant as possible with data protection legislation and the regulatory and judicial standards based on it. We prepare the  internal data management policy of the company for our customers based on the information assessed during the data protection audit. Our GDPR advice covers the use of telephone, email, internet and other methods of electronic surveillance (camera systems, GPS tracking, access control systems). The specific requirements for these and the preparation of the related privacy notices are all part of our privacy package.

We constantly monitor changes in legislation on data management.We are ready to advise you on the changes your business is facing and how to prepare for them. During our personal assessment, we assess the specific processing operations, the data subjects, the legal basis for the processing and make proposals to resolve them. 

On request, we review existing documentation for GDPR compliance and report our findings.

We prepare the following documents for our customers in the course of preparing the data protection and data management policies:

GDPR Regulation

Data sheet

Withdrawal of data processing

Declaration for personal data processing

Consent to personal data processing by third parties

Terms and conditions of data management for employees

Terms and conditions of data management for third parties

Employee information/statement

Information on medical assessment

Addendum to contract with a natural person

Legal representative Declaration

Incident logbook

Confidentiality statement

Automatic reply email (job applicants)

Updating and customising the terms and conditions on website

Data controller - data processor sample contract

Interest assessment tests (where appropriate)

Employee statement

Register of data controllers



If you need assistance in regulating data management or legal compliance of your company please contact us! 


Contact details: 

Péter Gulyás