Jurilex is a nation-wide Dutch organisation processing special categories of personal data in the sense of the GDPR. In order to meet the requirements imposed by the new privacy legislation, we have opted for a plan-based, structured implementation approach. In this process, we have been expertly assisted by a junior consultant from The Privacy Factory, who applied the methodology specifically developed by TPF to facilitate the transition.

Jurilex Rechtsbijstand is a company of personal injury lawyers, employment experts and medical advisors, with 16 offices throughout The Netherlands. As an organisation, we serve the interests of our clients in cases of damage claims against possibly liable (opposite) parties. Our many years of experience in the field allow Jurilex to act as a strong and equal negotiating partner, securing the best possible, most justified compensations for our clients.

As an agency operating on a national scale, for the purpose of serving our clients’ interests, we process not only ‘normal’ personal data, but ‘special categories’ of personal data as well. Which means that, in the interests of our clients, but equally in the interest of our own organisation, we have to take extra care in.

meeting the requirements imposed by the GDPR. Which adds complexity and scopeto the implementation project. Reason enough to subscribe to the professional and plan-based approach offered by The Privacy Factory.

There are actually two reasons why we chose The Privacy Factory. First, because using the implementation methodology they have developed, they manage to reduce the GDPR’s complexity to a series of clearly identified activities to be carried out and the proofs to be assembled in the process. Second, because wanted to give the TPF junior consultant an opportunity to gain experience in applying the TPF methodology, thus improving his chances on the job market.

We were proven right on both counts. The TPF approach was successful in every aspect and the TPF junior consultant is currently engaged in multiple assignments in the capacity of privacy consultant.

At the time of the intake interview we conducted with our TPF junior consultant, he had been enrolled in the DPO Training program for a little over a month. It was our understanding at that point that the training would include a total of 12 one-day classroom sessions covering, step by step, the privacy activities to be carried out and the proofs to be documented on behalf of the various companies involved. From the very start of the work assignment at our organisation, this training approach clearly demonstrated its effectiveness. Our TPF junior consultant’s skills and expertise soon reached a level of complete reliability. The confidence we had, was also inspired by the fact that he was able to quickly explain to us which steps needed to be taken in which chronological order for our organisation to become GDPR accountable.

Perhaps just as important, obviously, was the certainty we had that in carrying out his assignment, our TPF junior consultant would have continuous support from an experienced TPF coach.