General Data Protection 


The General Regulation on Data Protection (GDPR/RGPD) requires all companies established in the territory of the European Union or offering goods or services to the EU, processing private data, to comply with a set of obligations in order to guarantee the protection of the rights and freedoms of the persons concerned by these processing operations.

Since May 25, 2018, the various companies concerned must comply with the requirements mentioned in the GDPR.


The emphasis will now shift to agency accountability. Processing of personal data will no longer require prior authorization. However, companies will need to be able to document and justify compliance at all times.

Our DPO mission as a service : 

If you process personal data on a regular and systematic basis on a large scale, if you handle "sensitive" data on a daily basis (medical data, trade union membership, religion, ethnic origin,...) or if you simply want long-term monitoring to maintain your day-to-day compliance, ProNewTech offers a "DPO as a Service" service adapted to your situation and needs following a logic of a "maintenance contract" over three years in tacit renewal. The role of our expert office will be as follows:

  • Information and advice to the data controller, subcontractors and employees processing personal data.

  • Monitoring compliance with the GDPR within the company, including the allocation of responsibilities, awareness and training of personnel handling private data and managing related audits.

  • Advice on impact assessment (DPIA) on the protection of private data and supervision of its proper implementation.

  • Cooperation and contact point with the supervisory authority and the natural persons concerned for any question concerning the processing of personal data and the application of related rights.

  • On-site availability of our experts as soon as possible for any emergency (violation of personal data or CNPD control)
















ProNewTech's GDPR expertise :

  • Consolidation of the processing register (Article 30 of the GDPR)

  • Treatment analysis (Article 5 of the GDPR)

  • Provision of information required by the GDPR to the data subject during private data collection (Articles 12 to 14 of the GDPR)

  • Compliance of transfers outside the European Union (Articles 44 to 49 of the GDPR)

  • Review of existing employment contracts (Article 28 of GDPR)

  • Identification, prioritization and risk management (Articles 32 and 35 of the GDPR)

  • Detecting and managing violations (Articles 33 and 34 of the GDPR)


A system for detecting and recording attempted infringements within the computer network could also be implemented depending on the level of cybersecurity required. Any fraudulent access to or misuse of private data must be analyzed and reported to the controller, who must notify the control body and the data subject in accordance with clearly defined criteria.


Why​ ProNewTech ?

  • ProNewTech has been accredited by the CNPD as Data Protection Officer since 2009

  • 3 ProNewtech employees are entitled to act as "Data Protection Officer"

  • Personalized services by a stable and experienced team

  • Not just "one-sided view", because you have in-depth knowledge of data protection and IT.

  • Pragmatic methodology of Engineer resulting on a quality/price ratio advantageous and competitive.

ProNewTech S.A. (OAI Member - IP/10542)

55, Allée de la poudrerie L-1899 Kockelscheuer (LUXEMBOURG)

Tel: (+352) 32 99 20 1 - Fax: (+352) 32 99 20 11


  • LinkedIn - White Circle
  • w-facebook
  • Twitter Clean
  • w-googleplus