VeraSafe is your Dedicated Team of
GDPR Compliance Experts

The General Data Protection Regulation (“GDPR”) is the European Union’s comprehensive privacy law, which likely applies to your organization, even if you have no physical or legal presence in the EU.

VeraSafe’s GDPR compliance engagements pair in-house U.S. and European attorneys with technologists and project managers, making your GDPR consulting team uniquely cross-functional. In contrast to large law firms, VeraSafe doesn’t shy away from the complex intersection of IT and law.

Thank You

Thank You!

We’ll be in contact shortly.

VeraSafe will effectively operationalize a risk-based GDPR compliance program for your organization.

Key activities include:

Data Mapping and Discovery

VeraSafe guides you through a discovery exercise, to develop your records of data processing (as required by Article 30 GDPR). This set of diligence becomes an essential information resource throughout your initial GDPR compliance project, and beyond.

Notice and Consent

VeraSafe will review your organization’s privacy policy and propose improvements to the existing privacy policy, or draft a new one, as necessary, to comply with the GDPR. If consent is the most appropriate legal basis for certain data processing operations in your organization, we will analyze your organization’s current data collection points and recommend ways to implement consent management, or improve the quality of the consent acquired, with respect to the requirements of Article 7 of the GDPR.

Privacy Rights

VeraSafe will analyze each information system within the scope of your exposure to the GDPR and identify cases where data subject rights (right to be forgotten, right to access, correct, update one’s personal data, right to restrict processing, etc.) are not supported. Our team will help you score or rank all compliance gaps and develop real-world solutions to close critical compliance risks.

Vendor Risk Management

The GDPR includes specific obligations that you must pass down to any service organization you engage to process personal data on your behalf. VeraSafe has a mature methodology, including an internal knowledge base covering our approach to successfully negotiating GDPR-compliant data processing addenda with common service providers. Additionally, we help you assess vendor compliance by analyzing their third-party audit reports, or vendor security questionnaires.

Library of SOP Templates

VeraSafe has painstakingly developed a library of data protection-related standard operating procedure templates that can be easily customized to fit your particular circumstances. We also refine your existing procedures to help ensure your operations comply with applicable privacy and cybersecurity laws.

Data Protection Impact Assessment (“DPIA”)

Before starting new data processing initiatives under the GDPR, a data protection impact assessment must be performed, in certain cases. VeraSafe offers complete assistance and impartial advice on your DPIA, in addition to a DPIA template and documented DPIA procedure template for you to use in conducting your own DPIAs.

Privacy Training for Staff

VeraSafe provides our proprietary all-in-one privacy and security training program: PrivacyTrain. This integrated Learning Management System includes popular computer-based training content, which can be applied across your entire organization. Detailed reporting helps you document and demonstrate compliance.

Data Protection Officer and EU Data Protection Representative Service

VeraSafe provides both outsourced Data Protection Officer (DPO) services and GDPR Article 27 EU data protection representative services.

More information about our DPO services.

More information about our GDPR Article 27 data protection representative (DPR) services.

Key contacts

Matthew Joseph

Matthew Joseph


Managing Director

Jim Cormier

Jim Cormier


Senior Vice President and Head of Professional Services

Why VeraSafe?

Track record of successful GDPR implementations across industries.

Work directly with our in-house team of US and European attorneys, IT experts, and project managers.

Strategic, risked-based approach to compliance.

Fully customizable GDPR compliance program, tailored to fit your needs.

Holistic approach: We help you identify business opportunity hidden inside the GDPR.

Going beyond just EU privacy law, VeraSafe is your end-to-end partner for the entire privacy and cybersecurity domain.