Data Protection / GDPR

In an increasingly digitalised world, collecting, processing, storing and transferring information has become an integral part of business operations. Such handling of data has become more and more regulated and involves meeting an ever growing number of compliance obligations. Failing to comply with legal regulations puts companies at risk of heavy fines, legal liability and loss of credibility and reputation.

Therefore, comprehensive advice in this area is a standard part of the legal services PRK Partners offers. We provide all clients who gather large amounts of personal data comprehensive services, such as preparing legal analyses, dealing with state agencies as well as representing clients in court proceedings.

In the upcoming months personal data protection will be mainly influenced by

  • GDPR (General Data Protection Regulation),
  • drafted e-Privacy Regulation (proposal for EU Regulation on Privacy and Electronic Communications),
  • NIS (Network Infrastructure Security Directive), and
  • PSD2 (Payment Services Directive 2).

The new legal regulations represent a reform of the EU’s data protection rules. We at PRK Partners are ready to help our clients tackle the issues and address the questions that arise from the new regulation.

Below are a few of the solutions PRK Partners are ready to provide:

  • Preparation of compliance programmes at a reasonable price rate;
  • Implementation of international data transfer mechanisms for data transfers within and outside the EU, including drafting Binding Corporate Rules and other legal tools;
  • Implementation of new rules on cookies;
  • Data Protection Officer – advice on whether the client needs to appoint one and how to find the right person;
  • Advice on the use of online advertising and online profiling;
  • Renegotiation of contracts with data processors;
  • How to exercise the “right to be forgotten” at the lowest possible cost;
  • How to proceed in the event of an ascertained breach of data processing security;
  • How to handle employees’ personal data within multiple countries and jurisdictions;
  • What are the changes that need to be implemented by an organisation’s IT team and what are the deadlines to be met.

In addition to legal advice on specific issues, we offer additional comprehensive solutions regarding the implementation of this significant regulatory reform.

Our services include:

Products and services with respect to GDPR implementation

Comparison for managers of the current regulation with the GDPR

(upon request this comparison can also include the draft e-Privacy Regulation and PSD2)

  • Initial training of managers with respect to the GDPR;
  • Preparation of a comparative table in a format agreed with the managers;
  • Presentation to managers of the main points of the table.

Regular monitoring of forthcoming legislative changes

  • Updates regarding publication of the WP 29’s guidelines, opinions and recommendations; information on the status of the legislative process regarding the draft e-Privacy Regulation;
  • Updates regarding the legislative process and related ongoing discussions in the Czech Republic.

Detailed training of the client’s employees with respect to GDPR, e-Privacy and PSD2

  • In close cooperation with the client we are able to provide employee training in all aspects of the GDPR, e-Privacy and PSD2, focusing on topics tailored to the client’s business.

Audit of regulatory compliance of the client’s current business practices

Ensuring compliance with current regulations is the best way to start preparing for the new GDPR.

  • Comparison for managers, based on the regulatory compliance audit;
  • Presentation for management of the affected areas/departments, explanation of audit questionnaire and method for creating and implementing it;
  • Mapping personal data flows in the client’s organisation based on the questionnaires;
  • Preparation of specific compliance recommendations with respect to current legislation and recommendations with respect to the GDPR.

Full implementation support

  • Audit of existing regulatory compliance as noted above;
  • Recommendations (established in cooperation with the client’s employees) for specific changes in operations and management related to the internal processes, documents and IT systems;
  • Legal support in implementing approved changes, including preparation/drafting and supervision/control of new documents; legal support in public procurement;
  • Detailed training of the client’s employees regarding the GDPR based on what was revealed in the regulatory compliance audit;
  • Consulting the necessary changes with the Office for Personal Data Protection;
  • Monitoring forthcoming legislative changes as they relate to compliance with existing/new regulations;
  • Ad hoc legal support in implementing changes within an agreed timeframe (up to 12 months).


  • Representation of the client with the aim of pushing specific solutions through the legislative process.

Ad hoc legal advice

In line with the clients’ specific requests, we provide ad hoc legal advice in specific areas of data protection.


PRK Partners

PRK Partners is a leading law firm in the Czech Republic and Slovakia. Our team of experienced lawyers in the field of ICT law and data protection will provide the support you need.