Your business decision regarding GDPR compliance is supported by Crowe Romania

The UE General Data Protection Regulation 679/2016, applicable from May 25th 2018, imposes on your company the obligation to comply with these new European provisions.

The partnership with Crowe Romania offers you all needed information, support and expertise, under the current economic context and suitable for your business approach, in order to fully identify, analyze and implement together the procedures and measures required by this regulation, and customize them accordingly.

Crowe Romania brings support to your decision with a team of technical experts, legal and business consultants so that the implemented organizational measures to have a sustained and efficient rate, to follow all stages of mandatory compliance, to strictly observe the law and to build an unitary framework for constantly respecting these measures.


How do we proceed?

  • We analyze all business processes and inventory all personal data
  • We establish if you are a controller or / and processor, as well as the most appropriate legal grounds for you can continue processing
  • We prepare GAP analysis and report non-compliance regarding GDPR
  • We perform a risk analysis on the personal data processing you perform and focus on high-risk ones
  • We provide you drafts with all the required documents regarding employees and we advise you on how to deal with them according to the specifics of your business
  • We analyze all your commercials partners and establish, fairly, your relationships with them according to GDPR requirements
  • We advise you to properly assess the compliance of suppliers, who are empowered and that you are responsible for, according to GDPR requirements
  • We make the inventory for the used data infrastructure and support your IT department to apply the correct and compliant measures according to the processed personal data
  • We offer you a complete set of policies and procedures to manage the rights of data subjects, data breaches, data transfers, impact analysis and relationship with Supervisory Authority
  • We will meet you every time necessary to make personal data processing records required for controllers and / or processors
  • We prepare you so that you can internally manage all aspects of personal data protection, by properly managing the roles and responsibilities your employees will have
  • We duly document all data processing you make to comply with GDPR requirements, with the requirements of Romanian legislation and taking into consideration the international practice of the European Supervisory Authorities
  • We advise and guide you to carry out impact assessment and all requests for consultation to Supervisory Authority
  • We provide trainings and testing materials for your staff
  • We assist you in post-implementation whenever needed, including emergency situations when you have to deal with Supervisory Authority

Why outsourcing ?

  • Because the required level of know-how is high
  • Because the GDPR kits and generic documents do not comply GDPR requirements
  • Because each of your business processes is different and needs to be addressed accordingly
  • Because you need adequate information regarding the supervisory procedures of the Supervisory Authority
  • Because we are constantly up to date with the ANSPDCP, EPDB and European Law on personal data protection

Other GDPR services

For your business we also offer the following services:

  • External DPO
  • Implementation and post-implementation audit services
  • Infrastructure IT audit
  • Assistance in case of an ANSPDCP control
  • Staff Trainings
  • ‘’On call’’ consulting