- Global site
- Africa
- Americas
- Asia Pacific
- Europe
- Middle East
Corporate accounting and outsourcing Home
Tax and legal news
Most important Latvian tax changes in 2016
Most important Latvian tax changes in 2016
Tax
Changes in taxation, effective as of 1 January, 2023
Tax changes 2023
Data protection
Transmission of personal data to the US – mission impossible?
On 16 July 2020, the European Union Court of Justice (CJEU) passed judgment C-311/18 (Schrems II), invalidating the US-EU certificate programme Privacy Shield, which ensures data transmission security.
Services
Grant Thornton can help you when you need advice on data protection related matters.
In Grant Thornton, the data protection advisory team includes data protection specialists with international data protection certificates, lawyers and IT specialists.
Also, Grant Thornton has local data protection experts in Estonia, Latvia and Lithuania where our specialists speak the local language and have expertise in local data protection legislation.
Data mapping
Document data processes as visual data flow charts or records of processing activities.
Records of processing activities (ROPA)
GDPR requires all data processors to document and record their data processing activities. Grant Thornton maps data processes and using proprietary model puts together a ROPA.
Ensuring compliance of documents and processes
Making sure various processes and documents are compliant with the data protection requirements, including:
- Privacy policy published on the company’s website to informing people of data processing activities of the company to ensure compliance with the GDPR transparency principle.
- The privacy policy will include, when appropriate, cookie policy.
- Data protection policy that includes:
- Explanation to employees how their employer processes their data
- Establishing client data processing rules
- How to respond to data subject access requests
- Data breach policy
- Ensuring compliance of processor or/and joint-controller contracts with the requirements of GDPR.