Compliance

GDPR regulations and national protection requirements

We advise on compliance with GDPR and supplementary national data protection regulations. This includes mapping processing activities, assessing the basis for processing, and implementing appropriate technical and organizational measures.

Policy development

We draft and adapt internal policies, including data protection policies, IT and security policies, as well as compliance and whistleblower policies, that are legally robust and operationally applicable.

Handling personal data breaches

We advise on handling breaches of personal data security, including assessment of the notification obligation, dialogue with the Danish Data Protection Authority and communication to data subjects, as well as establishing procedures that reduce the risk of recurrence.

Management systems (Part OPS, Part M, Part 145 and security)

We assist with the establishment, review and update of management systems related to Part OPS, Part M, Part 145 and security requirements, so that the systems comply with applicable regulations and support the company's operational operations.

NIS2 and cybersecurity

We assist companies with understanding and implementing the NIS2 regulations and other cybersecurity requirements. The advice includes risk assessments, governance structures and handling security incidents in accordance with regulatory requirements.

Data processing agreements

We prepare and review data processing agreements and other contracts for the processing of personal data to ensure correct allocation of responsibilities, compliance with GDPR and clear frameworks for collaboration with suppliers and partners.

Regulatory compliance in aviation

We have particular experience with regulatory compliance within aviation and advise on compliance with relevant EU regulations and national requirements, including regulatory relations and internal compliance structures.

​