Protection of Personal Data 

Our dedicated team’s experience in Personal Data Protection and Cybersecurity, supported by their international expertise, is the ideal support to help organizations manage compliance with privacy and data security regulations in every national and cross-border business project. 

Data Protection 

Princivalle Apruzzi Danielli provides support to clients in the Italian and international markets for compliance with the principles of EU Regulation 2016/679 (GDPR) and personal data protection regulations.
Within the scope of assessment and ongoing consultancy activities, the professionals at Princivalle Apruzzi Danielli Law Firm, with the aim of improving and preserving the accountability of the data controller, analyse privacy related risks, conduct Data Protection Impact Assessments (DPIA), and draft records of processing activities and documentation compliant with regulations, including: 

• notice for data subjects pursuant to Articles 13 and 14 of the GDPR, structuring the Record of Processing Activities according to Article 30 of the GDPR, consent forms, data processing agreements under Article 28 of the GDPR, authorization for personnel processing personal data on behalf of the data controller or data processor under Articles 29 and 32 of the GDPR, and related instructions, etc. 
• structuring policies for the management of organizational models, the assessment and management of security incidents (data breaches), and the management of data subjects’ rights and applications 
• structuring and drafting legitimate interest assessment for balancing the legitimate interest 
• structuring policies for the use of video surveillance systems. 
• implementation of compliant business projects, fully aligned with personal data protection regulations, known as privacy by default and by design, as well as in challenges related to the circulation and transfer of personal data or the use of cookies and online tracking, professionals assist clients in managing data breaches, collaborating with cybersecurity and forensics professionals 

The services the firm provides include conducting audits and simulating inspection activities, as well as managing proceedings before the Supervisory Authority and judicial disputes related to privacy and personal data protection.
In the case of defensive investigations, the law firm and its consultants handle the collection of evidence for risk mitigation and assist clients with training activities for employees.
Some of the lawyers at Princivalle Apruzzi Danielli Law Firm are members of national associations for the protection of personal data and hold the position of Data Protection Officer (DPO) in medium to large companies.
In cases of litigation related to privacy law infringements, data breaches, or data theft, the firm assists clients in defending their rights before Courts and competent Authorities.
Moreover, the firm has conducted frequent training sessions on these matters for private clients and at universities in the UK. 

Cybersecurity 

The management of legal issues related to technology cannot disregard the requirements of cybersecurity. Therefore, our professionals are also well-versed in security systems, assuming the role of cybersecurity managers and translating the technological requirements suggested by applicable regulations or best practices from various private and public sectors into practical terms.
The comprehensive support provided to clients includes risk prevention through the adoption of industry security standards and international frameworks, as well as the management of security incidents that may compromise corporate information assets.
Industries served include software manufacturers, ISPs, startups, technology providers, digital marketing and web agencies, the food industry, writing instrument and stationery companies, financial intermediaries and credit mediators, and the retail sector.