GDPR requirements for three categories of data subjects: consumers (consents for data processing/consent for reception of marketing materials/cookies & privacy policies compliance with law requirements/verification, whether data are not kept longer than necessary); cooperation partners (consents for data processing/ privacy policy presence) and employees (consents for data processing, consent for photographing/filming in corporate and private events/ privacy policy presence).

Data processing policy existence and its compliance with law requirements; Data protection impact assessment – necessity, compliance if present.