A Team of Three FIPs
Certified professionals with CIPM, CIPT, CIPP/E, and CIPP/US credentials — all holding the prestigious Fellow of Information Privacy (FIP) designation
Data Subject Requests
We help you respond to client requests regarding their personal data.
Why Choose Us
Experts in GDPR since 2018
We’ve been systematically building and implementing privacy programs since the early days of the GDPR.
-
-
Privacy Advocates
We host regular in-person and online events dedicated to privacy and data protection.
-
Authors of “GDPR for Divers”
Our in-house lawyers and privacy managers are proud co-authors of a widely respected practical guide.
-
Connected with German Partners
We implement the best European privacy practices through close collaboration with trusted German experts.
The Path to Responding to a Data Subject Request The Path to Responding to a Data Subject Request
-
01
Contacts and forms
We add contact details and request forms for exercising GDPR rights -
02
Request registry
Each request must be logged and stored -
03
Identification
We distinguish relevant requests from the general flow of incoming inquiries -
04
Request analysis
We verify the request, assess it, and locate the relevant data -
05
Response preparation
We develop strategies and prepare draft responses -
06
Support
We assist in responding to any follow-up questions from the requester
What’s included? What’s included? What’s included? What’s included? What’s included? What’s included?
Request
Process
-
Access
Access request, DSAR, data subject access request -
Deletion
Deletion request, right to be forgotten request -
Rectification
Rectification of data or data modification -
Consent withdrawal
Consent withdrawal or opt-out (often related to marketing) -
Compensation
If the data subject provides evidence of a violation -
Delegated request
Submitted via automated messaging systems or a representative
-
Missed deadline
One month to respond — extensions require a formal procedure -
Incomplete response
Missing data or partial disregard of the request -
No violations
In cases of unfounded or unjustified requests -
Request spamming
Aiming to disrupt the company’s normal operations -
Corporate intelligence
Requests used to identify vulnerabilities in the company
The response strategy will depend on the nature of the request and the complexity of data processing in your company
-
Data deletion request
Data subjects ask to delete all data about them, even if some of it cannot be deleted under the law -
Request for a copy of data
Data subjects ask for all data collected about them, even if such data is not in the database -
Request for information about data
Data subjects ask for an explanation of the privacy policy or information about the company’s operations -
Do not sell my data request
This request is more common in California, but it also appears in the EU -
Request to disclose third parties
Data subjects ask to disclose service providers, advertising partners, and SaaS tool vendors
How much does it cost?
€100/hour
Depends on the complexity of the request, the state of your compliance program, and the amount of data your company processes
Team
Key privacy experts
From discovery to a structured compliance dashboard. What’s inside?
-
Kateryna Dubas
Head of Privacy Practice at Legal IT Group -
Anton Tarasiuk
Managing partner at Legal IT Group -
Anton Demchuk
Junior IT/Privacy Lawyer at Legal IT Group -
Dmytro Nefodov
Junior AI/privacy lawyer at Legal IT Group
Certified GDPR / CCPA / CPRA experts
We hold 10+ certifications in the field of privacy
Our expertise is internationally recognized.
Current and practical articles
- Data protection officer
- AI compliance officer
- Data privacy compliance
- Дія.City
- Digital Millennium copyright Act
- Торгова марка в IT
We write about what we practice
IP, GDPR, contracts and disputes, and the legal aspects of implementing technologies like artificial intelligence or best practices for delivering concrete legal solutions.
-
How do you work with IT companies?
To protect copyrights in IT, it is important to record your authorship (date of creation, registration with Ukrpatent), enter into agreements with clear terms, use product licenses, sign NDAs with partners, and implement digital watermarks or signatures in products. If your rights are violated, contact legal experts, such as Legal IT, who can help you monitor violations and take legal action to protect your intellectual property.
-
How to protect your copyright in IT?
To protect your copyright in IT, it is important to record your authorship (date of creation, registration with Ukrpatent), enter into contracts with clear terms, use product licenses, sign NDAs with partners, and implement digital watermarks or signatures in products. If your rights are violated, contact legal experts, such as Legal IT, who can help you monitor violations and take legal action to protect your intellectual property.
-
How quickly do you respond to requests?
To protect copyrights in IT, it is important to record your authorship (date of creation, registration with Ukrpatent), enter into contracts with clear terms, use product licenses, sign NDAs with partners, and implement digital watermarks or signatures in products. If your rights are violated, contact legal experts, such as Legal IT, who can help you monitor violations and take legal action to protect your intellectual property.
-
How do you ensure privacy?
To protect copyrights in IT, it is important to record your authorship (date of creation, registration with Ukrpatent), enter into contracts with clear terms, use product licenses, sign NDAs with partners, and implement digital watermarks or signatures in products. If your rights are violated, contact legal experts, such as Legal IT, who can help you monitor violations and take legal action to protect your intellectual property.