Our dedicated team’s experience in Personal Data Protection and Cybersecurity, supported by their international expertise, is the ideal support to help organizations manage compliance with privacy and data security regulations in every national and cross-border business project.
Princivalle Apruzzi Danielli provides support to clients in the Italian and international markets for compliance with the principles of EU Regulation 2016/679 (GDPR) and personal data protection regulations.
Within the scope of assessment and ongoing consultancy activities, the professionals at Princivalle Apruzzi Danielli Law Firm, with the aim of improving and preserving the accountability of the data controller, analyse privacy related risks, conduct Data Protection Impact Assessments (DPIA), and draft records of processing activities and documentation compliant with regulations, including:
The services the firm provides include conducting audits and simulating inspection activities, as well as managing proceedings before the Supervisory Authority and judicial disputes related to privacy and personal data protection.
In the case of defensive investigations, the law firm and its consultants handle the collection of evidence for risk mitigation and assist clients with training activities for employees.
Some of the lawyers at Princivalle Apruzzi Danielli Law Firm are members of national associations for the protection of personal data and hold the position of Data Protection Officer (DPO) in medium to large companies.
In cases of litigation related to privacy law infringements, data breaches, or data theft, the firm assists clients in defending their rights before Courts and competent Authorities.
Moreover, the firm has conducted frequent training sessions on these matters for private clients and at universities in the UK.
The management of legal issues related to technology cannot disregard the requirements of cybersecurity. Therefore, our professionals are also well-versed in security systems, assuming the role of cybersecurity managers and translating the technological requirements suggested by applicable regulations or best practices from various private and public sectors into practical terms.
The comprehensive support provided to clients includes risk prevention through the adoption of industry security standards and international frameworks, as well as the management of security incidents that may compromise corporate information assets.
Industries served include software manufacturers, ISPs, startups, technology providers, digital marketing and web agencies, the food industry, writing instrument and stationery companies, financial intermediaries and credit mediators, and the retail sector.
On December 21, 2023, the Italian Data Protection Authority issued a guidance with material implications for employers on the collection and retention of metadata relating to employees' email accounts. In this article, we will examine the impact of this provision and the compliance requirements imposed on employers to adhere to said provisions.
ENISA's data processing risk analysis method is a valuable tool for small and medium size organizations seeking to protect sensitive information and comply with data protection regulations