Skip to content Skip to footer

Loading Results

The EU General Data Protection Regulation

The new EU General Data Protection Regulation (GDPR) came into force on 24 May 2016, and compliance with it has been required as of 25 May 2018. The regulation concerns all actors and all handling of personal information in the EU. The regulation creates new obligations for both registry keepers and all those who handle personal information.

However, regulation of data protection also enables the utilisation of strategic information, and there is no reason to view it as only a burden. Data protection may become a source of competitive advantage for businesses in the future.

We help your organisation to ensure compliance with the GDPR in a business- and goal-oriented way. Our services cover all the phases required to reach compliance, from assessing the current state of data protection and privacy to identifying the measures required and providing expert and project support for their implementation phase.

We also offer verification services that your organisation can use to demonstrate to customers, interest groups and authorities that it acts in compliance with the GDPR. This is done with a reliable assurance report issued by a third party. Our verification services also help with the continuous maintenance of compliance after the period of transition.

In addition, we offer assessment services on data protection projects in progress throughout the duration of the project. The results of our assessment will give you a clear picture of the state of the project in relation to the aims set for it and the requirements of the GDPR.

Our services include:

Initial assessment of the current situation (gap analysis)

  • Understanding the current state of the organisation’s data protection compared to the requirements of the GDPR and general best practices
  • Understanding what in the organisation’s methods needs further development
  • Preparation of a clear plan for further development

Implementation and development projects concerning data security

We help with project planning and in different phases of development projects:

  • Support for specifying measures
  • Support for identifying and defining timetables and roles
  • Support for defining the governance of a project
  • Support for identifying indicators and critical factors related to ensuring the success of a project
  • Expert data protection services (risk management and legal services) during implementation projects.

In addition, we offer legal services:

  • for checking, assessing and preparing documentation on data protection (e.g. privacy policies and guidelines) and agreements and annexes on the handling of personal information
  • for data protection training for different actors (including training of data protection managers)
  • in special juridical questions related to data protection or the handling of personal information.


If you want to discuss ensuring compliance with the GDPR after the transition period, contact us!


Contact us

Jani Arnell

Jani Arnell

Cybersecurity & Privacy Leader, PwC Finland

Tel: +358 (0)20 787 8844

Jörgen Jansson

Jörgen Jansson

Privacy Advisory Services, PwC Finland

Tel: +358 (0)50 590 0662

Seija Vartiainen

Seija Vartiainen

Senior Manager, Legal, PwC Finland

Tel: +358 (0)20 787 7483

Stay connected