I ensure that organisations comply with data protection requirements in france and spain

I have devoted the past eight years of my practice to serving as a Data Protection Consultant, helping a variety of companies and governmental organisations comply with European Union, French and Spanish data protection and privacy requirements.

Consulting services

Data protection consulting

Advice on data protection requirements: European Union, France and Spain

Data protection audit

Website audit

GDPR compliance:
. Assessing your current data protection programme,
. Elaborating an Action Plan for your GDPR compliance roadmap,
. Elaboration of organizational procedures according to GDPR (data breach notification procedure, management of data-subject rights’ requests, etc.),
. Data protection impact assessments (DPIA),
. Legitimate interest assessments (LIA)

Data Protection Officer as a Service
(DPO as a Service)

External DPO (France) – Acting as a Data Protection Officer on behalf of your organization, according to the GDPR’s mandate.

DPO support (France and Spain)

GDPR consulting services

Case studies

A patient association starts expansion into France after RECITAL ONE provided advice on their data protection obligations

A Spanish financial company successfully expands into France after RECITAL ONE offered advice on data protection requirements.

A French retailer company successfully expands into Spain after RECITAL ONE offered advice on data protection and privacy requirements

A Jersey online platform meets data retention obligations after RECITAL ONE provides advice on data deletion requirements.

Previous projects

I have advised organisations on the requirements related to data processing in clinical trials.

A few of the most complex issues in the field are the reuse of health data, the legitimation of data transfers, and the determination of the roles of organizations engaging in clinical research. Moreover, the fragmentation of legislation at the national level within the EU makes it harder for organisations to carry out transnational clinical research. But thanks to my work with an EU patient organization and an American sponsor, I am well versed in the requirements related to data sharing in clinical research.

I have advised organisations on the requirements related to data processing in employees monitoring

I have answered queries and offered informational sessions to senior managers of companies on the monitoring of email and the monitoring of employee behaviour by way of digital devices in the workplace.

Need more custom services for your teams and events ?

I co-teach a course on Cybersecurity law at the ESADE Business School (Spain) and I am often invited to speak at webinars and conferences on privacy and data protection matters around the world.

Feel free to contact me to speak at your school or at your next event. I am fluent in English, French and Spanish.

Data protection GDPR training

Data protection courses tailored to your needs


Provide professionals with specialized training on data protection law and assistance in preparation for the CIPP/E professional certificate (2020 - Present)

Provided training on data protection law to civil servants working for public institutions in a Spanish region (2008).

Co-teach a course on cybersecurity law at ESADE Business School, Spain (2018 - Present)

Helped develop a data protection course for the legal publisher Lefebvre-Sarrut (2019)

 

Latest presentations as a guest speaker:


Johnson County Community College, USA
. Geolocation: what are the privacy risks?
(March 2023)
. Cybersecurity for legal professionals (March 2023)
. Introduction to cybersecurity law (EU and US) (Oct. 2022)
. The EU-US Comparative Legal Framework: The Processing of Biometric Data (March 2022)

University of Santiago, Chile
. There Is No Rule without an Exception: Key Aspects and Practical Examples of Health Data Processing According to the GDPR (Dec. 2021)

ISACA Greater Houston Chapter, USA
. A brief review of the NIS2 Directive (Feb. 2023)
. How to handle data subject rights. Lessons from practical examples (Dec. 2022)

AFCDP, University of DPOs, France
. European Data Protection Board 2020-2021: What recommendations for data subject rights management? (April 2022)

IAPP Virtual KnowledgeNet, Romanian Chapter, Romania
. Cybersecurity and Privacy (March 2022)

OneTrust Privacy Connect, Spain
. Artificial Intelligence and Privacy: The New European Proposal and the Status of Facial Recognition (Oct 2021)

PrivSec Global, UK
. How Do Data Protection Regulations Apply to AI? And Is GDPR Ready for Facial Recognition? (June 2021)

What our clients say

A patient association starts expansion into France after RECITAL ONE provided advice on their data protection obligations

"I have no words to describe how grateful we are, you are a great professional!"

Finance manager - Financial sector company

"I sincerely thank you for your help and I will definitely contact you again for any query related to data protection in Spain"

Associate attorney - Law Firm

“I am very happy with all the work you have done. Once again, thank you very much for your time. It has been a pleasure working with you on this project”

Director - Clinical research sector

A Spanish financial company successfully expands into France after RECITAL ONE offered advice on data protection requirements.

A French retailer company successfully expands into Spain after RECITAL ONE offered advice on data protection and privacy requirements

How can I help you?

Please leave me a message and I would be happy to talk to you by phone or video conference.

info(a)recitalone.com