Artificial Intelligence & AI Act

We offer specialized legal consulting on Artificial Intelligence and the new European AI Act Regulation (EU Reg. 2024/1689). We assist companies that develop or use AI systems in their regulatory compliance journey.

Our AI services include:

AI system classification according to AI Act risk categories
Gap Analysis and AI Act compliance assessment
Drafting of mandatory technical documentation
Implementation of AI risk management systems
Algorithmic governance and human oversight
Fundamental Rights Impact Assessment (FRIA)
Compliance for high-risk AI systems
Consulting on generative AI and foundation models
Assistance for CE marking of AI systems

AI Act - EU Regulation 2024/1689 on Artificial Intelligence

GDPR Compliance

We offer comprehensive consulting services for compliance with the General Data Protection Regulation (GDPR), from initial assessment to implementation and ongoing monitoring.

Our services include:

Gap Analysis and initial compliance assessment
Drafting and updating Records of Processing Activities
Data Protection Impact Assessment (DPIA)
Drafting privacy notices and consent forms
Implementation of data subject rights
Review and adaptation of security measures
Periodic audits and continuous monitoring

GDPR Compliance - EU Regulation 2016/679

US Privacy (CCPA/CPRA)

Thanks to our dual bar admission (Italy and Massachusetts), we offer specialized consulting on US privacy regulations for Italian and European companies operating in the US market.

Areas of expertise:

California Consumer Privacy Act (CCPA)
California Privacy Rights Act (CPRA)
Virginia Consumer Data Protection Act (VCDPA)
Colorado Privacy Act (CPA)
Other state privacy regulations
EU-US data transfers
Certifications and Standard Contractual Clauses

DPO as a Service

We offer external Data Protection Officer services for organizations that, by law or by choice, need this specialized professional figure.

Our DPO service includes:

Formal appointment and notification to supervisory authority
Point of contact for data subjects and authorities
Privacy compliance monitoring
Consulting on DPIAs and new processing activities
Staff training
Management of data subject rights requests
Periodic reporting to management
Assistance during inspections

A DPO is mandatory for public bodies, organizations processing data on a large scale, and those processing special categories of data.

Data Breach Response

In the event of a personal data breach, we offer immediate assistance to manage the incident, minimize damage, and comply with legal obligations.

Our support includes:

Immediate assessment of incident severity
Risk analysis for data subject rights
Preparation of supervisory authority notification (within 72 hours)
Communication to data subjects if necessary
Coordination with IT and forensics teams
Incident documentation
Implementation of corrective measures
Assistance in enforcement proceedings

24/7 service available for data breach emergencies.

Additional Services

Privacy Documentation

Drafting and reviewing privacy notices, consent forms, Data Processing Agreements, Standard Contractual Clauses, and all privacy documentation.

Privacy by Design

Consulting for integrating privacy principles into the design of new products, services, and business processes.

Cookie & Consent Management

Implementation of compliant cookie policies, consent banners, and user preference management according to European guidelines.

Cybersecurity & Privacy

Assessment of security measures, internal policies, incident response procedures, and compliance with industry standards.

International Transfers

Assistance for extra-EU data transfers, TIA assessments, implementation of SCCs, and other appropriate safeguards.

Need a Consultation?

Contact us to discuss your privacy and data protection needs. The initial consultation is free.

Request a Quote

Our Services