All clients who handle personal information on EU citizens must be GDPR compliant. We offer consulting services to help clients become GDPR-compliant. Our normal lawyer for this work is Stephan Grynwajc.
Here's our basic structure for each client/project:
- Lawyer / 3-party Audit
- Website details - We meet and give a tour of the full websites(s), what they do, what they store, and where - Cantilever will fill in the details around the website and how data is stored/transported within the website.
- Downstream Audit - Meet with Client and Cantilever and lawyer to determine and document what the client does with the data after the data is stored on the website.
- The lawyer provides a consolidated punch list of requirements for each site to be compliant. They send to us and the client.
- We provide an estimate for items that affect the website and get it approved.
- We do the work.
- We walk through the changes with you and show them how things have changed.
- The lawyer provides a letter of assurance that to the best of their knowledge, the site is in compliance with EU privacy laws.
Independently, the lawyer can work with clients on how they manage the data once it reaches their own computers/databases. Billing is handled separately.