Initial assessment
We analyse what personal data the organisation processes, for what purposes, on what legal bases and with what security measures. The outcome is a gap report — identifying shortfalls against the GDPR and the LOPDGDD — that serves as a roadmap for compliance.