top of page
Анотація поверхні


After a two-year transition period, compliance with the EU GDPR has become mandatory for all companies within the EU, requiring them to update their IT systems and security policies accordingly.


ESKA offers comprehensive consulting services to help organizations achieve compliance smoothly and without hassle.
Principles of GDPR

Fundamental principles of GDPR compliance

If personal data is processed, this processing must always be lawful and may only be carried out in a specific way. Therefore, data protection-compliant information handling is only guaranteed if the particular data protection principles specified in the GDPR are observed. Following the principles, we mention below, grants successful compliance for enterprises of any size. Also, they would be helpful for those individuals whose business is connected to handling personal data and who want to deal with it using the fundamental GDPR principles.

The GDPR has seven fundamental principles that
summarize the legislation requirements. 

Transparency and lawfulness of the collected information

 It must always be apparent to the person concerned about their personal data processing. "Secret" processing is not permitted.

Data Collection

Limited purposes for collecting personal data.

Data minimization

When processing data, only as much personal data may be collected as is necessary for the respective processing purpose. The principle applies: "As much data as necessary, as little data as possible." This is intended to protect the data subject from excessive disclosure of personal data.

Storage limitation

If personal data is no longer required, it must be deleted unless the deletion conflicts with statutory retention requirements (especially in commercial and tax law). As long as the retention period runs, the data will not be deleted but blocked by the person responsible for further use.

Integrity and confidentiality

Personal data must be treated securely and confidentially. In particular, unauthorized persons must not have access to it and must not be able to use the data or the equipment with which they are processed.


Your company must be able to prove to supervisory authorities that it complies with all the requirements of the GDPR. For this reason, you must precisely document the legal, technical, and organizational measures you have taken to ensure data protection.

Types of privacy data protected by the GDPR

Types of private data protected by the GDPR

Types of private data that are protected by GDPR

Primary identity data such as name, address, or ID numbers.

Web data relating to the user's security (includes the location and IP address, RFID tags, and cookies).

Genetic and health data.

Data related to race or ethnical belonging.

Political data such as opinion or the belonging to the particular political force.

Information about sexual orientation.

Biometric data.

Our services

Process of GDPR

The GDPR strengthens data processing. The institute of GDPR has developed a step-by-step process to deliver it smoothly. The next steps would provide you with clear guidance on compliance with the GDPR standards.

Fill 1.png

 Assess current  data systems,
policies and procedures.

Be aware of what data types your company obtains, how securely it is stored and whether it is well protected. What kind of data and technology is in charge of data protection?

Review the policies and procedures related to data storage, including data encryption, sensitive information proper handling, secure remote access, mobile devices, third parties, and data breach notifications.


Request a third-party cybersecurity provider to assess the current state of your company's protection objectively.

Fill 1 (1).png

 Assess current  data systems,
policies and procedures.

Make sure that current systems, procedures, and policies are up-to-date to adequately protect the company’s data and don’t have any weak spots to allow data breaches to happen. 

Question yourself, whether individual rights are respected and systems are in place for personal data safe transferring and timely deletion.


Be sure that requests for customers’ data usage are clear on the aim and period of personal data usage.

Fill 1 (2).png

Identity solutions.

When the respective risks or gaps are identified, research the appropriate solutions to fill the gaps.

Fill 1 (4).png

Training staff to keep them aware

Staff should be aware of amended processes to fully comply with the GDPR.

It would be conceivable to hold online training courses with subsequent online testing, which is mandatory for every employee who has access to personal data.

Fill 1 (3).png

Designate a Data Protection Officer or lead contact

If your company is required for data protection, it could be mandatory to assign a DRO to be in charge of initiatives connected with data protection initiatives and the Data Protection Authority.

Question yourself, whether individual rights are respected and systems are in place for personal data safe transferring and timely deletion.


The lead contact in data management or DPO could be in charge of data protection strategies communication, approving them with senior management.

Image by Sean Pollock
Consultancy and services provided by ESKA can help your company prepare for GDPR compliance

Benefits of consultancy and services for GDPR compliance preparation

Improved resilience against cyber-attacks.


Proper understanding of cybersecurity threats leading to their minimization.


Demonstration of cyber essentials understanding and proper implementation.

Rapid detection capability for malicious threats response.

The breaches of reports within 72 hours.

Raised employee awareness and enhanced security policies.

Benefits of GDPR

Benefits of GDPR

The mandate of GDPR core digital privacy legislation applies to organizations based in the EU and those with EU-based customers/ or users. ESKA will ensure the smooth optimization of business processes to comply with legal requirements.
The six most important advantages at a glance.

Enhanced data management.

An even company&brand reputation will never suffer from a data breach being fully protected.

With easier automation of business processes, the costs and human resources for the manual processing 

You would gain a better understanding of data collection processes. 

Drastically improved trust and credibility.

An even privacy playing field would improve your company's image and ensure fewer complaints.

Why us

Why do you need to choose ESKA?

Still have some hesitations whether cooperation with us is worth the trouble? Check 6 reasons why you should choose us

among other companies!



We have 8+ years of experience in the Cybersecurity market.

Yellow diamond.png


ESKA that's not just a contractor it is your partner, that's why we are always ready to help in the future. We are always focused on relationships and on customer success!


Up to date

We always discover the cyber security market and use the most modern technics and tools.

Doctoral cap.png


We have certified experts who are ready for the most difficult challenges.



We don't provide just a report with an incomprehensible list of issues. We always manual check the vulnerability and explain in what way and how to close it, give road map and recommendations.



We are trusted by more than 200 companies (including Governments and international corporations).

What our clients talk about us
Request a quote

Our expertise in the field of cybersecurity allows us to provide customized solutions that are tailored to the unique needs of each client.

1 (8).png
bottom of page