General Data Protection Regulation (GDPR) compliance

The General Data Protection Regulation (GDPR) was introduced back in 2018. Nevertheless, every single day we encounter clients who seek professional advice in order to ensure sufficient protection of their personal data. What makes this area so specific?

Proper compliance has its pitfalls: technology is constantly evolving, and it is necessary to regularly monitor changes, respond flexibly to progress and adapt corporate processes to it. Compliance in the field of personal data protection and information security is one of the top priorities of our clients across all industries. In the event of non-compliance with regulatory provisions, companies can suffer both financially, through heavy fines and penalties, and through the loss of the company's reputation and, consequently, market position.

Thanks to a multidisciplinary team made up of experts in law, process management and IT, at Deloitte we provide you with comprehensive expert advice on the impact of the GDPR on documentation, processes and information systems. We will advise you on how to properly manage the regulatory and reputational risks of your business and offer regulatory compliance support.

Our services

GDPR implementation and audit

Whether for newly formed entities or for mergers and acquisitions of companies, at Deloitte we will provide you with comprehensive implementation of regulatory requirements, or will increase your level of compliance by executing a GDPR audit and implementing the recommendations it proposes.

We will arrange for you:

  • Internal audit of the existing processing procedures (including a solution design)
  • Implementation of technical, legislative and procedural changes arising from regulatory requirements
  • Set-up of internal procedures for personal data processing
  • Creation or review of relevant documentation
  • Professional support for the performance of the activities of the Data Protection Officer (DPO)

Compliance programme digitalisation

We are engaged in the implementation of tools for the automation and more efficient management of the GDPR compliance programme. 

We will arrange for you:

  • Automation of data management and related activities (e.g. Records of processing activities, PIA/DPIA methodology, Privacy by Design)
  • Data anonymisation solutions
  • Vendor management
  • Cookie management
  • Consent management
  • Access to the most up-to-date legislative changes and information

Data security in the digital world

We focus on assessing the level of data security in information systems and incorporating a compliance process to ensure appropriate data security at all stages of your IT product development. 

We offer you:

  • Analysing comprehensive IT systems and applications from a data security perspective
  • Designing and implementing functional requirements according to the GDPR in information systems
  • Incorporating privacy into the entire life cycle of technologies and agile project management (Privacy by design)
  • Implementing compliant data monetisation
  • Preventing security incidents or cyberattacks and designing solutions to them

Contact us

Zuzana Řežábková

Zuzana is a Manager in the Risk Advisory function of Deloitte Czech Republic specialising in Regulatory and Compliance risk management and leads the data privacy practice in Risk Advisory. Her experti...