Data Protection

Cugia Cuomo & Associati provides regulatory assistance in the area of privacy and data security. The firm, in particular, regularly advises electronic communications operators, including internet content providers, broadcasting companies, private entities that process personal data within the framework of information systems used for the purposes of consumer credit and/or concern reliability and timeliness of payments and/or commercial information, referring to the implementation of the security measures for the protection of personal data, conducting activities' of:

 

GDPR Compliance

  •  General Data Protection Regulation  (GDPR) and Italian Data Protection Code compliance check;
  • GDPR Compliance traning;
  • Draft of Data Protection Impact Assessment (DPIA);
  • Assistance on information and data subject rights;
  • Assistance on General Obligations of Controller and Processor;
  • Assistance on implementation of appropriate technical and organisational measures to ensure a level of security appropriate to the risk;
  • Advice on notification of data breach to the authorities and consumers, implementation of data retention policies in the IT industry, policies, including procedures for access to personal data of users,
  • Appointments of Data Processor, person in charge of processing , System Administrator figures, and Data Processor Officers;
  • Advice on records of processing activities;
  • Analysis of the network architecture and the security measures;
  • Advice on transfers of personal data to third countries or international organisations;
  • Advice on Binding corporate rules;
  • Compliance with call center regulation;
  • Drafting and / or review of company privacy policies,
  • Drafting and / or review of privacy and cookies policies on the website;
  • Drafting of models of agreement to the privacy policies, also in relation to commercial and advertising activities
  • Drafting or review of standard of written statement related to the consent of the data subject's agreement to the processing of personal data relating to him or her;
  • Assistance related to Obligations Applying to Providers of Publicly Available Electronic Communications Services
  • Compliance of IT databases for the filing of traffic and personal data;
  • Definition of minimum standards of data processing (strong authentication, logging, remote administration, etc.)
  •  Compliance with rules applicable to the data retention;

GDPR Litigation

  • Assistance in case of litigation both in front of the ordinary Courts and of the Special Authorities

DPO as a service (GDPR)

Companies may appoint an external Data Protection Officer, which has expertice in privacy law. In this regard, The Firm  provides our Clients with DPO service in order to allow such companies to be assisted by our team of professionals on GDPR matters. 

*

The Firm has also a deep knowledge of IT sector specific privacy regulations, particularly as mobile communications are concerned, as, for instance, regarding matters of:

  • IoT and M2M;
  • users geo-localization
  • users profiling for marketing purposes;
  • legal profiles relating to chronologic and typing-related web searches
  • definition of actors responsibilities in relation to IT products (telecoms operator, application developer, software developer, content provider, advertiser)

 

Firm news

dic20

20/12/2024

Legge annuale per il mercato e la concorrenza 2023

E'entrata in vigore il 18 dicembre 2024, la Legge 16/12/2024, n.93, legge annuale per il mercato e la concorrenza 2023, pubblicata nella Gazz. Uff. 17 dicembre 2024, n. 295, che oltre a definire nuove

dic20

20/12/2024

Settore Automobilistico:Responsabilità per danno da prodotti difettosi: un fornitore può essere considerato produttore se il suo nome coincide con il marchio apposto sul prodotto dal fabbricante

La Corte di Giustizia dell'UE, con la sentenza causa C-157/23 | Ford Italia ha chiarito che al fine di garantire la tutela del consumatore, la responsabilita` solidale del fornitore e

dic20

20/12/2024

Nis, registrazione sulla piattaforma ACN e assistenza: info utili

Dal 1° dicembre 2024 al 28 febbraio 2025 è attiva, sul sito dell'Agenzia per la cybersicurezza nazionale, la piattaforma per la registrazione: apre un link esterno delle organizzazioni

Lawyer News

gen22

22/01/2025

Patente di guida: il vademecum

L’applicazione delle sanzioni amministrative

gen22

22/01/2025

Intelligenza artificiale: breve vademecum per giuristi

<p>L’articolo fa il punto in materia

gen22

22/01/2025

Pena sospesa subordinata alla partecipazione corsi di recupero: occorre il consenso del reo?

<p>La sentenza della <a href="https://onelegale.wolterskluwer.it/document/10SE0002946823"