DPO on Demand
Build with us a dynamic and coherent system through which to manage your data protection.
With us you can dynamically add capabilities.
An experienced team will help you to implement and maintain in your organization a system of policies, procedures and mechanisms for continuous security optimization.
In a flexible and effective work regime.
Why do it?
Increase the level of protection
Without an experienced DPO, essential steps in protecting data confidentiality may be omitted due to lack of time or specific technical knowledge. Our team will supplement your efforts, through specific and applied knowledge, in a flexible and financially and humanly efficient manner.
Scalability
The field of data protection is vast and can be complicated if not addressed in an organized manner. By turning to specialists in the field, you will become more scalable and flexible, and you will be able to address more relevant and effective issues.
Relevance
By accessing a pool of experts, you will be able to access informed opinions, which come from experienced seniors in the field. You will be able to obtain third-party opinions on data privacy, governance, security and technical elements.
Why us?
The experience
We have specialists with unmatched cybersecurity experience
Flexibility
By allocating resources on-demand, we offer dynamism and savings.
Speed
Our agile approach means faster results without compromising quality.
Simplification
Our expertise simplifies complex challenges.
Effectiveness
We offer value at a competitive cost.
What are we doing?
We help you correct inconsistencies and non-conformities with the requirements of the Regulation or international best practices.
We will implement a Data Privacy Management System naturally integrated into the organization, with multiple business benefits.
We are preparing you to demonstrate to the authorities that the legal obligation is actually implemented in the organization, according to internationally recognized standards and good practices.
The persons concerned
We implement the whole system of processes, flows, specific documents and technical elements necessary to carry out the essential interactions with the data subjects in a correct way (consent, information note, exercise of the rights of the data subjects)
Legal
We interpret the legal implications of data processing
We correct, adjust the legal basis of the processing and the content all GDPR specific contract documents in the organization
Technical
We perform privacy impact analysis
We evaluate the detailed risk analysis on the computer system
We implement mechanisms for awareness and applied training of employees
What are the steps?
Audit
We identify personal data, processing activities, legal basis
We identify legal, technical and procedural non-conformities
We analyze the compliance of the online and offline environment
We assess consolidated compliance
We perform a detailed security risk analysis
We perform an impact analysis on privacy
We analyze the technical, organizational and legal implications
We issue recommendations for compliance with GDPR standards
We are designing an action plan for compliance
Implementation
We are implementing a privacy management system
We implement IT&C solutions proportional to vulnerabilities and the degree of risk
We reshape the company's data streams
We develop working instructions for each processing activity
We provide support in the implementation of organizational measures
We perform an impact analysis on privacy
We analyze the technical, organizational and legal implications
We issue recommendations for compliance with GDPR standards
We are designing an action plan for compliance
We adapt the Internal Regulations and annexes to the employment contracts
We create a continuous GDPR training strategy at the company level
We update existing documentation, policies and procedures
Support
We monitor compliance
We establish appropriate control measures to ensure and maintain the confidentiality, integrity and availability of personal data.
consult in the emergency recovery planning process
We will inform and provide you with expertise on the obligation to comply with the provisions of the GDPR
We monitor compliance with the GDPR and relevant local laws and regulations.
We act as the sole point of contact for the supervisory authority and third parties and employees
Testimonials
Madalin Bratu, founder of Sectio Aurea, with a professional experience of 20 years in IT. His experience covers a wide range of fields, from cybersecurity and IT service management to process management, hardware and software maintenance, and advanced consulting in secure information governance.
Madalin Bratu spent a decade working at IBM, where he contributed to some of the most sophisticated service projects in Central and Eastern Europe. He played a key role as Global Portfolio Manager for Cybersecurity Services at Atos - Eviden, one of the leading multinationals in the field of cybersecurity, managing global cybersecurity projects in areas such as identity management and cloud security. His experience also includes valuable contributions to local companies, such as Safetech Innovations, one of the most dynamic cybersecurity firms in Romania.
Through Sectio Aurea, he offers unique, flexible, and relevant services. The company's business model, refined over nearly 5 years, is based on an innovative concept - that of microservices. Madalin is accompanied by a carefully selected team of experts and authoritative voices in the field of cybersecurity (CISO, DPO, CIO, architects), with whom he has built a healthy professional relationship through successful projects. This relationship has led to the optimization of an innovative delivery method (microservices in audit and consulting). These experts are actively involved in solving the challenges you face, ensuring customized and high-quality solutions.
Madalin has served many clients as a consultant in the implementation of the NIS Directive across various sectors (water companies, banking, utilities) but has also participated as a certified NIS auditor in various audit missions in complex or difficult-to-analyze environments. Most of his clients recommend him from the level of general director to IT Managers, Security Managers, and technical managers.