Audit and adaptation

GDPR audit to move from apparent compliance to genuinely defensible compliance.

Legal and technical review of processing activities, documents, vendors and applied measures to detect gaps, prioritise actions and reduce exposure.

Request a GDPR audit See External DPO
When it makes sense

A GDPR audit is especially useful when the company no longer wants to manage privacy blindly.

Common situations

  • Business growth and an increase in processing activities or vendors.
  • Documentation that is outdated, incomplete or poorly aligned with reality.
  • Rolling out new tools, CRM, ERP or systems handling personal data.
  • Doubts about video surveillance, cookies, breaches or international transfers.

Business objective

  • Reduce the risk of claims and penalties.
  • Build greater trust with clients and partners.
  • Prepare for internal audits or contractual requirements.
  • Create an orderly basis for future decisions.
What we review

Privacy, documentation and how things really work.

Documentary review

  • Records of processing activities, policies and privacy notices.
  • Contracts with processors, forms and internal procedures.
  • Consistency between texts, processing activities and legal basis.

Operational and technical review

  • Data flows, access, retention, security and vendors.
  • Potential gaps between what is documented and what actually happens.
  • Organisational and technical measures appropriate to the level of risk.
Methodology

Four steps to turn the diagnosis into useful decisions.

1Initial meeting

We define scope, context, critical processing activities and the client's expectations.

2Documentary review

We analyse the documentary basis and how the organisation informs, contracts and manages data.

3Operational check

We validate processes, tools and technical measures to detect inconsistencies or significant gaps.

4Report and plan

You receive a prioritised roadmap to fix, organise and sustain compliance.

Indicative plans

GDPR audit pricing

VAT not included

Basic Audit

€150one-off payment

  • Essential documentary review.
  • Executive status report.
  • Priority recommendations.
Request Basic

Comprehensive Audit

€600one-off payment

  • More complete documentary and technical diagnosis.
  • Detailed action plan.
  • Closing session to settle priorities.
Request Comprehensive

Premium Audit

€1,000one-off payment

  • Extended scope and additional support.
  • Workshop and follow-up support.
  • Deferred follow-up review.
Request Premium
Frequently asked questions

Frequently asked questions

What does a GDPR audit include?

It includes analysis of processing activities, documentary review, validation of technical and organisational measures, risk identification and a prioritised action plan.

Does it also suit SMEs and law firms?

Yes. The methodology adapts to the size, data volume and actual risk level of each organisation.

After the audit, can it continue as external DPO?

Yes. The audit can be the base for an ongoing external DPO service or continued privacy support.

Interlinking

Related services

Direct contact

If you want to know where you really stand on privacy, let's start with a serious audit.

Tell me about your organisation's context and I'll prepare a proposal with scope, approach and work priorities.

Request a proposal Open WhatsApp