Services

Creating solutions together with you

Our mission
We wish to advise clients in which direction to go, create solutions together with them and make them grow and adapt better to constant changes. The future is not created by itself. Let’s design it together.
Our philosophy
Honesty, consistency, respect, responsibility, client and client’s needs, continuous improvement - these are the values we follow when implementing projects.

GDPR audit and implementation

As part of our service, we will provide you with professional assistance within the scope of activities covered by the GDPR, while trying to explain to you the intricacies of the regulation. We have experience in implementing GDPR in large organizations. We work with experienced partners who support us in all areas of the GDPR implementation.
Personal data protection:
Are you sure that all elements have been addressed and that you are already operating in accordance with the requirements of GDPR? GDPR is not only about formal procedures and compliance in terms of consent clauses, terms and conditions or privacy policy on the website. It also includes contract management and process modelling, technology, organization management, etc.
It should be remembered that the audit is multidimensional and interdisciplinary. It covers many aspects, such as the security of information and IT systems, the way processes are implemented and managed in the organization, the functionality of applications or systems and business continuity. The Data Protection Authority has repeatedly emphasized standardization. Thus, there are many possibilities to integrate and optimize processes to ensure compliance.
Our service includes:
GDPR compliance audit for your organization;
process specific audit (audit of GDPR documentation, audit of DPO activities, IT / HR / marketing audit, loyalty programs, audits of websites and mobile applications, etc.);
audit of completed implementation projects;
support in implementing changes indicated in the audit results along with project support;
assistance in completing the unfinished implementation of the GDPR;
preparation of documentation.
Personal data flow analysis and data processing agreements
In order to use the services of providers processing personal data, you have to meet a number of formal requirements. It is important to negotiate a contract adapted to the model of cooperation and type of services as well as the method of selecting a supplier and document your activities. The administrator entrusting data for processing is obliged to constantly supervise the data processing. On the contrary, it is in the interest of the supplier that the contract of entrustment does not burden the company with excessive duties and liability.
In addition, the provisions of the GDPR enforce the legal framework for the transfer of personal data outside the European Economic Area under the threat of severe penalties. As part of our services, we will make sure that the transfer of our clients' data outside the EEA takes place in accordance with the regulation. We have experience in developing mechanisms for data processing agreements. Knowledge about both model and solutions as well as badly drafted contract allows us to optimize the process of creating procedures, mechanisms and models of contracts in line with the GDPR and tailored to the needs of our clients.
We provide:
analysis of compliance and the legal basis for the data transfer outside the EEA;
support in obtaining the permission of the data protection authority for data transfer outside the EEA;
support in negotiating the conditions for the data transfer outside the EEA;
supporting the process of approving binding corporate rules;
support in the authorization of transfers based on approved codes of conduct and certification mechanisms;
setting rules for entrusting and sharing data between business entities and preparing data transfer maps (both between business entities and systems / processes);
determining whether there is a need to use a data processing agreement;
development of a data processing contract and consultancy, how to carry out the verification of the processor with adequate legal support;
support of the Controller in the audit of the processing entity in accordance with the contract.
Documentation
We constantly develop documentation in accordance with current law, tailored to your organization.
We will prepare or verify your existing documentation.
The documentation set contains, among others:
personal data security policy;
privacy policy on the website;
templates of agreement for entrusting the processing of personal data;
a procedure for handling data subjects' requests;
a procedure for the assessment and notification of incidents/breaches;
a template of the record of violations of the protection of personal data;
a template of the register of records of processing activities;
a template of the register of records of all categories of processing activities;
an exemple list of retention periods of personal data;
templates of information clauses;
templates of consent clauses;
risk assessment and assessment policy of processing, so-called DPIA, Privacy by Design, Privacy by Default);
guidelines regarding the appointment of the Data Protection Officer.
We will also help in the creation of documentation for ISO standards such as ISO / IEC 27001 - Information security, ISO / IEC 20000 - IT security, ISO / IEC 22301 - Business continuity management. It can be even more than 40 documents that may apply to your organization.
Analiza ryzyka i Ocena Skutków Przetwarzania (DPIA)
In the field of personal data protection systems, GDPR enforces a risk-based approach. This means high dynamics in the selection of organizational and technical measures depending on the circumstances and the risks associated with them. There is no single pattern in this process - each organization must carry out risk analysis individually and continuously. At the same time, it must be documented and kept in an organized manner.
A correct risk assessment is a big challenge, entailing the selection of appropriate measures, tools and documentation methods. By offering support in the area of risk analysis and impact assessment of processing using the guidelines of Working Group 29 (WP29), the data protection authority and ISO guidelines, we provide our clients with efficiency and safety.
We offer:
analysis of procedures and methodologies used by the Customer, including the approach to privacy by design / privacy by default;
support in developing a risk assessment methodology based on internal procedures and customer expectations or proposing a ready to use approach;
developing a risk assessment procedure (methodology, processes, roles and responsibilities);
conducting a risk assessment of personal data processing;
conducting a data protection impact assessment.

DPO function / DPO support / DPS

In some cases, the GDPR requires entities that process personal data to designate a Data Protection Officer. DPO tasks include supervising the compliance of organization proceedings in accordance with the regulation. Performing the duties of the DPO is time-consuming, requires knowledge and being up-to-date with the changing law. By using our services, you can entrust us with the function of DPO or get support in the field of ongoing coordination of personal data protection processes in a form of a data protection specialist when you do not need a formal DPO.
As part of our services, we offer:
performing the function of a Data Protection Officer (DPO);
replacement of the DPO in the enterprise during absence;
acting as a personal data protection specialist (DPS) - support when there is no need to appoint a DPO.
Outsourcing DPO function outside of a company or organization provides:
greater efficiency in terms of cost ratio and time-consumption of the DPO function;
continuous availability;
avoiding conflicts of interest;
no additional costs for an organization related to education and qualifications improvement while performing DPO function.
Our activities in the scope of performing the above functions include:
regular and ad hoc audits of the personal data protection system;
cooperation in the development and updating of security policies and procedures for the processing of personal data;
support in conducting and periodic verification of the register of records of processing activity or categories of processing;
raising the level of knowledge in the field of personal data protection through training for your employees and associates, management;
help in directing business processes in terms of compliance with provisions the data protection regulation;
issuing opinions on documentation regarding compliance with provisions the data protection regulation;
support in the event of personal data protection incidents/breaches;
support in implementing the security of networks and information systems;
advice on carrying out data protection impact assessments;
taking over contact with the Data Protection Authority;
support before and during audits by the Data Protection Authority;
preparation of correspondence in matters related to the processing of personal data.

Visualizations in contracts and documents

We make even the most complicated contract brighter. This increases the efficiency of your organization.
As part of the contract and document visualization service, we translate what is included in the contract into the image using diagrams and drawings. As a result, contracts, policies and procedures become more legible and understandable for people without in-depth legal or specific knowledge. As part of this service, we use modern approaches such as design thinking, legal design, contract visualization, legal processes engineering, to build processes and solve challenges faced by companies in the digital age, while remembering that it is about people at the end as recipients.

Effective contract management

We provide comprehensive support for the entire contract lifecycle, contract and business relations management (contract & commercial management).
What is contract management
Contact management includes both pre and post contractual activities, including but not limited to: reviewing, preparing and negotiating contracts, and a thorough monitoring of the performance of an executed contract until it is ceased or terminated. Contract management essentially focuses on maximizing profits and minimizing risk in contracts. In short, Contract Managers are people who have technical, operational and commercial skills as well as the ability to manage a contract, so it remains healthy and brings optimal and desired results.
Contract management includes all the various tasks and activities that allow the organization to maximize the value of business relationships. The definition may seem initially too general, but contracts inform and define business processes in every part of the organization and therefore the definition must be inclusive too. It is not just about buyers and sellers, every day, everyone manages some form of the contract.
Contract management at its best deals with risk and relationship management. In the simplest case, the contract is a document describing the relationship between the two parties, what each of them agrees to do and who bears the risk if things do not go as planned. Contract management is about managing those risks and that relationship on both sides in order to achieve the desired result originally intended. Every aspect, for example, cash flow, revenue recognition management, responsibilities of parties and all other areas emerge from this simple assumption.
These are activities both PRE and POST contract award, which include reviewing, drafting and negotiating contracts, as well as thorough control of the performance of a given signed contract until its completion.
Contract management focuses on maximizing profits and minimizing risk in contracts.
Contract management allows the organization to maximize the value of business relationships.
Contract management relies on relationship and risk management to ensure that both parties achieve the originally desired result. All elements such as cash flow, income, liability management and all other areas around it arise from this simple assumption.
It is an interdisciplinary science that focuses on technical and operational knowledge, trade and negotiation skills, as well as regulatory and legal matters.
It is a collaboration between silos / functions in an organization in pursuit of a business goal.
For contract management, a simple contract repository is no longer sufficient, no matter whether it is a network drive or a simple application.
Well-organized contracts are also a matter of compliance with many regulations regarding the fight against corruption, fraud prevention, ethical violations, personal data protection, anti-money laundering and others.
Large and dynamically growing small and medium-sized enterprises may encounter, among others, the following challenges:
too long preparation of contracts and lost sales opportunities;
work in organizational silos causing information noise and lack of cooperation;
unknown number and value of contracts;
data fragmentation and improper transfer of the contract to implementation teams;
unclear or overly complex approval requirements;
negotiations conducted without negotiation expertise;
insufficient use of contract templates and a repository of clauses;
lack or burdensome risk management;
unclear roles and responsibilities in contract management;
lack of workflow automation;
contracts kept in many different locations and insufficiently secured.
over-reliance on physical contract copies;
failure to meet contractual obligations; the risk of penalties, the lack or dispersed information about the contract;
overpayments, underpayments or unutilized discounts;
inadequate revenue protection;
the contracts expire, and no one notices the upcoming renewal moment;
missed opportunities for cross-selling or additional sales;
repeated verification of the same contract due to the lack of its summary, which involves unnecessarily many people and triggers rework;
ad-hoc reviews due to different requirements (regulatory, internal) without proper tools involving time that could be devoted to customer service or sales.
Better contract management is:
efficiency and productivity;
contractual transparency;
increased compliance;
more efficient operation and integration of various functions / silos in the organization;
greater market competitiveness (faster contracting and implementation);
making better business decisions based on real data and knowledge;
negotiating more profitable contracts through planning;
better conditions and more transparent contracts, including contract visualization;
faster revenue recognition;
reducing the risk of losing revenue;
better use of renegotiation opportunities;
avoiding contractual penalties;
ensuring compliance with contractual obligations and more effective business relationships;
faster conclusion of contracts, which is extremely important from the sell side;
hidden added-value leakage prevention.
What we can do in addressing key elements of contract management:
We will support the organization in the process of RFx or responses to RFx.
We will help in negotiating and creating a contract both before its conclusion and during the contract's implementation and its changes.
We will improve the integration of contract management and relationship management to provide tools and methods that create value while maintaining control.
We will support in ensuring compliance with strategic goals and business decision making while managing business partners in your organization.
We will transform the negotiations to allow better selection of partners by matching the goals.
We will check the organization's maturity level in terms of contract management based on the IACCM methodology.
We will support you in choosing the right technology to support the analysis of transactions, contracts and portfolios (including blockchain and smart contracts) and proactive risk management.
We will help you evaluate the transparency of agreements used in the organization and design them from scratch using the "legal design thinking" approach and graphic visualization for a better understanding of the content.
We will propose a change to shift the focus of contractual terms to achieve a better framework of collaborative relationships that will ensure efficient results management and reduce redundancy in repetitive contract reviews and negotiations, adding value to the organization.
We will help in extracting information from contracts by means of appropriate tools that can analyze contracts in terms of specific provisions (contract analytics), separate sections of the contract, indicate obligations or responsibilities of the parties without tedious, manual analysis.
We will train staff in the contract and commercial management both on the procurement and sell side.

BPM Process modelling and improvements

We help clients oversee and build correct business relationships. Thanks to us, it will be easier to maintain impeccable contact with clients and contractors or interactions between the functions in the organization.
Process modelling improves functioning and the flow of information and documents. The process must be modelled first and only then automated. Otherwise, you will automate problems. Prior modelling allows, among others, for constant control of the efficiency and effectiveness of departments, functions or roles. By modelling the processes, you can more easily establish appropriate measures that will show bottlenecks and coordinate work between departments in the company. In addition, process modelling will help in estimating the costs of these processes by getting to know them.
Keep supervision over processes. Shorten and control them to reduce administrative costs and increase revenue. It is difficult to manage something that you cannot see or understand.
As part of our service:
We will identify key organizations’ processes.
We will help to simulate the operation of new processes.
We will help to establish measures to monitor the effectiveness of the process and their business owners.
We will conduct a review of the processes and their classification and illustrate the links between them.
We will identify areas of improvement and model a new process together with a proposal to improve it and highlight appropriate internal control elements.
We will support in the selection of a technology and supplier suitable for the automation of document management or decision workflows.
The above help each organization significantly improve business continuity, Contract Management, security and compliance with the GDPR.
We will create a general model of processes for the entire organization or its selected area as well as detailed maps, i.e. define the inputs, outputs, measures and actors for individual process steps along with descriptions and dependencies.
Process documentation will also allow for the creation of Standard Operating Procedures, i.e. instructions’ manual. Thanks to this, new people will adopt easier to their duties or while replacing others during the absence of a given employee and tasks will be easier to manage. In addition, knowledge will remain in the organization in a situation when for some reason there will be organizational changes in the company.

Information security

We will help with IT systems and information security in the field of personal data processing and contract management.
Thanks to our trusted partners, we support clients in the field of audit and preparation for certification in accordance with ISO / IEC 27001 - Information security, ISO / IEC 20000 - IT security (including white-hacking or penetration tests of IT infrastructure), ISO / IEC 22301 - Business continuity management. Information security is also a lot of documentation to be developed. In total, it is even more than 40 documents that may apply to your organization which we can help with.