Data Protection and Privacy
Comprehensive advice on data protection, privacy and artificial intelligence for companies, entities and professionals in any sector. GDPR and LOPDGDD implementation, risk management, external DPO, compliance audits and information governance in advanced technology environments. Legal service provided by MES Legal from Barcelona and Madrid.
- 01
GDPR and LOPDGDD implementation
Design and implementation of a data protection policy tailored to the client's operational reality, whatever their sector: commercial, financial, real estate, healthcare, educational, legal, technology or industrial. Preparation of all documentation required for effective and proportionate compliance.
- 02
Privacy legal and contractual documentation
Drafting and review of data processing agreements, information notices, privacy policies, legal disclaimers, internal protocols and other legal and organisational documents required for the client's activity.
- 03
Records of Processing Activities (RoPA)
Preparation, review and ongoing maintenance of the Records of Processing Activities, ensuring it accurately reflects the processing carried out by the entity and remains aligned with the evolution of its operations and regulatory obligations.
- 04
Risk analysis and Data Protection Impact Assessments (DPIA)
Audits, risk analyses and Data Protection Impact Assessments for processing operations that may significantly affect individuals' rights and freedoms. Identification of vulnerabilities and corrective measures to anticipate contingencies and strengthen compliance.
- 05
Security measures and organisational compliance
Implementation of the technical, organisational and legal measures necessary to ensure data confidentiality, integrity and availability, together with the definition of internal protocols, incident management policies and control and supervision mechanisms.
- 06
Data Protection Officer (DPO)
External Data Protection Officer service for public and private sector entities: ongoing compliance monitoring, specialist advice and support in dealings with users and supervisory authorities. Reference figure for privacy matters within the organisation.
- 07
EU Representative (GDPR Art. 27)
EU Representative service for entities established outside the EU that are required to designate one under the GDPR. Acting as the point of contact for any national supervisory authority in the European Union and managing proceedings and communications relating to data protection.
- 08
Data protection compliance audits
Periodic data protection audits to assess the level of regulatory compliance, identify areas for improvement and update the entity's documentary and organisational structure in line with its actual activity.
- 09
Certifications and standards (ISO, ENS, NIS2, DORA)
Support in obtaining and adapting to certifications and standards such as ISO, ENS, NIS2 and DORA, as well as in drafting Codes of Conduct and Binding Corporate Rules (BCR) for multinational structures.
- 10
Artificial intelligence and data protection
Advice on the use of artificial intelligence systems and automated information processing technologies: privacy impact assessment, algorithmic transparency, security and regulatory compliance. Integration of technological innovation with a solid and responsible legal foundation.