Data Protection and Privacy

Leverage the expertise of a certified data protection expert in GDPR matters

Does the EU general data protection legislation give you headaches? Applex can help you and your company navigate through the regulation jungle.

We assist both data controllers and data processors in matters related to GDPR (General Data Protection Regulation), data protection and the processing of personal data.  We provide you with comprehensive services for compliance with the EU General Data Protection Regulation (679/2016), such as designing and drafting the necessary data protection documentation to ensure that your organisation’s processing activities and agreements comply with the requirements of the Regulation.

With regard to the GDPR, it is not enough for an organisation to comply with the GDPR, but it must also be able to demonstrate compliance with the GDPR (‘accountability’). This requires the organisation to have a wide variety of GDPR documentation prepared to implement accountability. Such documents required by the GDPR include, for example, privacy statements fulfilling the obligation to provide information, records of processing acitivities (ROPA), data protection impact assessments (DPIAs), transfer impact assessments (TIAs), assessments of the legal basis for processing (such as documentation related to consent and  legitimate interest assessment/balance tests), data processing agreements (DPAs), as well as various internal and external guidelines.

Applex has extensive data protection and GDPR expertise

We help organisations to take care of their GDPR obligations. As part of our service offering, we produce legal data protection analyses to map the current situation of the organisation’s processing of personal data. After the initial assessment, any shortcomings or risks that have arisen will be reviewed in more detail with the organisation. Finally, we compile a data protection report for the organisation’s use, which contributes to accountability and serves as a valuable tool for the organisation to promote GDPR compliance.

We also assist our clients in individual GDPR assignments, such as questions related to the processing of employees’ personal data or requests concerning data subjects’ data protection rights.

Our experts have particularly extensive experience in drafting and negotiating data processing agreements (DPAs) required by the GDPR on behalf of both data controllers and data processors in both Finnish and English. In addition, our experts regularly train companies, associations and public sector operators on data protection legislation and compliance therewith. 

If necessary, we will advise in the event of a personal data breach and assist in preparing the necessary notifications to the data protection authority.  Applex has successfully assisted several of its clients in responding to requests sent by the Office of the Data Protection Ombudsman of Finland.

If GDPR causes concerns or you need help with data protection issues or questions, we are here to help. You can reach us here!


Partner, Attorney-at-Law, CIPP/E

+358 50 326 4454