Personal Data Protection
Compliance with Law No. 195/2024 (enters into force 23.08.2026). Full transposition of GDPR into national legislation.
Subcategories
Data Mapping & Audit
- • Discovery audit of personal data processing
- • Record of Processing Activities (RoPA)
- • Classification of special categories of data
- +1 more
Policies & Documentation
- • Privacy Policy (RO/RU/EN)
- • Consent forms
- • DPA templates with processors
- +2 more
Technical Security
- • Data encryption at rest
- • Data encryption in transit
- • Pseudonymization and anonymization
- +2 more
Data Subject Rights
- • DSAR web form
- • Automated request handling workflow
- • 'Right to be forgotten' mechanism
Incident Response
- • Data breach response procedure (IR plan)
- • CNPDCP and data subject notification templates
- • Tabletop incident exercises
Data Protection Impact Assessment
- • DPIA screening — is one needed?
- • DPIA execution
- • Prior consultation with CNPDCP
Data Protection Officer (DPO)
- • DPO-as-a-Service
- • Internal DPO training
- • DPO audit
Cross-Border Data Transfers
- • Legal basis assessment for cross-border transfers
- • SCC implementation
All services in this category
| Code | Service | Price | |
|---|---|---|---|
| A.1.1 | Discovery audit of personal data processing We scan servers, databases, file storage, CRM, backups; identify where and what personal data is processed. | 1,320 € | Details → |
| A.1.2 | Record of Processing Activities (RoPA) We prepare the document the controller must maintain and present to CNPDCP upon request. | 1,320 € | Details → |
| A.1.3 | Classification of special categories of data We tag data on health, biometrics, racial origin, political views, criminal records — special regime applies. | 1,320 € | Details → |
| A.1.4 | Data Flow Map Visualization: where data is transferred (third parties, processors, countries), on what basis. | 1,320 € | Details → |
| A.2.1 | Privacy Policy (RO/RU/EN) With mandatory elements per art. 13–14: controller identity, purposes, bases, retention, rights, DPO contacts. | 1,320 € | Details → |
| A.2.2 | Consent forms Explicit, separated, revocable consent forms for marketing, newsletters, third-party transfers. | 1,320 € | Details → |
| A.2.3 | DPA templates with processors Contracts with hosting, CRM, marketing platforms, accounting services. | 1,320 € | Details → |
| A.2.4 | Internal policies and procedures Personal data security policy, access regulation, incident management procedure. | 1,320 € | Details → |
| A.2.5 | Cookie banner and Cookie Policy Granular consent mechanism with cookie categories. | 1,320 € | Details → |
| A.3.1 | Data encryption at rest TDE on databases, storage volume encryption, backup encryption. | 1,320 € | Details → |
| A.3.2 | Data encryption in transit TLS 1.3 deployment, HSTS, mTLS between microservices. | 1,320 € | Details → |
| A.3.3 | Pseudonymization and anonymization Data masking for test environments, PAN tokenization. | 1,320 € | Details → |
| A.3.4 | Access management (IAM) RBAC/ABAC, MFA, key rotation, orphan account cleanup. | 1,920 € | Details → |
| A.3.5 | Tamper-proof audit logs Centralized log collection (ELK/Loki), WORM storage, event correlation. | 1,560 € | Details → |
| A.4.1 | DSAR web form Secure form with requester identification on client's site. | 1,320 € | Details → |
| A.4.2 | Automated request handling workflow Ticket system with 30-day SLA, escalation, templates, export for portability. | 1,920 € | Details → |
| A.4.3 | 'Right to be forgotten' mechanism Secure deletion scripts respecting legal retention, cascading deletion across systems. | 1,920 € | Details → |
| A.5.1 | Data breach response procedure (IR plan) Documented plan: detection → assessment → notify CNPDCP within 72h → notify subjects. | 1,320 € | Details → |
| A.5.2 | CNPDCP and data subject notification templates Ready forms (RO/RU/EN) for CNPDCP filings and affected subjects. | 1,320 € | Details → |
| A.5.3 | Tabletop incident exercises Breach simulation with client's team, measurement of real response time. | 1,320 € | Details → |
| A.6.1 | DPIA screening — is one needed? Checklist per art. 36 — mass profiling, special categories, video surveillance, etc. | 1,320 € | Details → |
| A.6.2 | DPIA execution Full report with risks, mitigation measures, residual risk. | 1,920 € | Details → |
| A.6.3 | Prior consultation with CNPDCP Preparation of CNPDCP submission package if residual risk remains high. | 1,320 € | Details → |
| A.7.1 | DPO-as-a-Service Certified external DPO: CNPDCP registration, RoPA maintenance, requests, quarterly report. | Monthly480 € | Details → |
| A.7.2 | Internal DPO training Function transfer to employee: training program, document templates, annual support. | 1,320 € | Details → |
| A.7.3 | DPO audit External annual review of the client's internal DPO operations. | Annual1,320 € | Details → |
| A.8.1 | Legal basis assessment for cross-border transfers Check: country recognized adequate, or SCC/BCR/explicit consent needed. | 1,320 € | Details → |
| A.8.2 | SCC implementation EU template localization, integration into processor contracts (AWS, Google Cloud). | 1,320 € | Details → |