General Data Protection Regulation


The new regulation forces all the organizations that process personal data of European citizens to comply with its requirements. The organizations are obligated to comply with the regulation from May 2018. Its purpose is to create a single institutional framework for the processing of personal data in all Member States of the European Union, by establishing rules for the protection of Natural Persons and the circulation of their personal data. In addition, it provides for severe fines of up to €20 million or 4% of annual global turnover. PRIORITY and its experienced consulting team can help you evaluate your infrastructures and processes, correct your weaknesses, change your practices and support your compliance with the regulation.

GDPR Assessment

PRIORITY first evaluates the current level of compliance of your organization, regarding the management of personal data in accordance with the requirements of European Regulation 2016/679 (General Data Protection Regulation - GDPR) and the wider regulatory framework. The evaluation occurs through questionnaires, interviews, workshops and automated data discovery tools.

Data flow mapping

Our executives, through their experience in many GDPR projects concerning large organizations processing personal data of high risk, produce the Data Flow Mapping of your organization, containing all the information required by the GDPR Regulation (Article 30) for personal data processing and, in order to be compliant with and to identify gaps.

Privacy Impact Assessment

Our consultants conduct the Privacy Impact Assessment, that meets the requirements of Article 35 of the GDPR Regulation, the relevant European Data Protection Board Directive, ISO 29134 and the English and French DPA Directives.

Compliance Plan

PRIORITY, having implemented the first great GDPR projects in Greece, recommends to you the right measures and composes the Compliance Plan, which will include all the required actions, prioritized, categorized and agreed with the organization's executives, in order to achieve compliance with GDPR in the most efficient way.

Policies and procedures

PRIORITY’s consultants, manage the development of data security policies and procedures, covering the requirements of ISO 27001: 2013, business continuity, covering the requirements of ISO 22301:2012 and personal data protection that will meet the requirements of BS 10012: 2017, in a complete and functional Personal Data Management System.

Compliance audits

We conduct Internal Audits and Compliance Audits in accordance with the requirements of the Regulation.

Vulnerability assessment/

Penetration test

Controlling in practice the security vulnerabilities in your infrastructures and your online applications is a critical point and a necessary measure to address the risks of malicious parts. Using our reliable tools and our experience to identify the vulnerabilities of your systems, we can propose realistic countermeasures.


Recognizing the need to train the executives of an organization concerning the sensible subject of personal data management, we have created training programs giving you practical solutions, tips and answers about the implementation of all the requirements of the new Regulation. You can learn more about our seminars (8 hours & 40 hours) here.


In anticipation of the publication of the official standard by EDPB, we undertake to guide you to the accepted international GDPR certifications based on the standards BS 10012 and ISO 27001, based on ISO 29100, ISO 29151, ISO 27552 (draft) and ISO 27018. Having already completed the first certifications in Greece, we lead you safely, quickly and intelligently in obtaining the only available GDPR compliance verification that you may use for your customers.

Data Protection Officer Services

PRIORITY offers third party services, undertaking the full DPO role for the client, full DPO support and partial DPO support, according to the clients needs.

Back to top