Data Protection

and Information Security

Covered Areas

  • Data Protection Law  in all terms

  • Investment firms

  • Financial market infrastructures

    • Central counterparties

    • Clearing and settlement institutions

    • Securities settlement systems

    • Exchanges, trading platforms, ECNs

  • Payment and electronic money institutions

 

Services

  • Full compliance to 6698 Data Protection Law​​

    • gap - analysis 

    • preparation of personal data processing inventory

    • drafting of informative and consent documents,

    • risk matrix and security measures 

    • drafting plans, rules and procedures on security and privacy, ​annihilation of personal data, data breach management,

    • post - monitoring of compliance,

    • adaptation of internal processes and controls to the data protection and privacy rules and regulations

    • registry to Data Controller Information System (VERBIS),

    • education to staff and management 

  • Establishing an effective information security framework and monitoring the compliance to the rules and regulations through-out the lifecycle

  • Assessing the effectiveness of existing information security framework and providing on demand penetration tests, reporting to the management

  • Providing education to the staff about information security