The European Regulation 2016/679 (GDPR) and Legislative Decree 101/2018 provide for numerous formal requirements for companies with regard to data processing and data protection, as well as substantial penalties for failure to adopt the mandatory requirements set out in the legislation. 

Data Protection Due Diligence constitutes a significant means of control for the purposes of assessing the company's activities and compliance with data processing and protection regulations. It also represents a means of preventing and managing risks related to the commission of criminal and administrative offences in violation of data processing regulations. 

The team of qualified professionals of RSM Legal Italia STA is ready to assist companies and entities in GDPR Due Diligence, which includes the following main activities:

  • verification of the company's compliance with regulations on the processing and protection of personal data;
  • verification and assessment of any risk situations relating to data processing and security in order to prevent criminal and/or administrative liability;
  • assessment of the systems/models adopted by the company: Information Security Management System ISO 27001 and Organisation Model adopted under the GDPR. 

GDPR Due Diligence activities will enable RSM Legal Italia STA's clients to achieve significant compliance and risk prevention benefits in the following:

  • compliance with the Personal Data Protection Regulation (GDPR);
  • prediction and prevention of risks of violations of data processing and protection regulations and potential future sanctions, including criminal sanctions;
  • mitigation of the risk of crime related to the acquisition of a new partner and correct assessment of the purchase value in the preparation of M&A or other corporate transactions.