Data and communications protection

Kvale's lawyers assist private and public sector companies with data and communications protection.

Personal data is becoming increasingly more valuable in today’s digitized society. At the same time, there are greater expectations for how companies manage and protect personally identifiable data about customers, residents and others. Violations of the new, more stringent data protection rules that were introduced in 2018 can result in heavy fines and loss of trust.

Good data protection is a competitive advantage. Our data protection team provides both legal and strategic assistance to ensure that your business processes personal data in compliance with the applicable requirements. We also take the time to understand your business, determine the freedom of action you are provided by the data protection rules, and how to best utilise this for success.

Our specialists have extensive experience with both the general data protection rules (the EU General Data Protection Regulation (GDPR)) and special legislation in areas such as health research, telecommunications, security, public administration and employment. Kvale's clients in this area include telecommunications providers, pharmaceutical manufacturers, players in the retail sector, municipalities and government agencies.

Our services include:

  • Strategic advice in relation to compliance with the data and communications protection rules, including the GDPR.
  • Mapping the processing of data in relation to the present requirements (mapping and compliance).
  • The legality of the data processing.
  • Establishment of internal routines and documentation (internal controls).
  • Consent, privacy and cookie policies.
  • Data Protection Impact Assessments (DPIA) in the public and private sectors.
  • Preparation, review and quality control of data processor agreements.
  • Management of access requirements and other rights.
  • Introduction and management of employer’s control measures for employees.
  • Representing the company before the Norwegian Data Protection Authority in connection with supervisory cases, appeals against public decisions, applications, etc.
  • Courses and internal training.

Data Protection Test

The EU General Data Protection Regulation (GDPR) entered into force in 2018. The new rules impose stricter requirements for both documentation and how public and private businesses process personal data.

The Data Protection Test (Personverntesten) is a free tool that provides you with an overview of how your business complies with the new requirements.

The test gives you a final report with a compliance score, and includes our comments and recommendations that you can use in the continued work.

Does your business comply with the requirements in the new General Data Protection Regulation?