Our approach

Our approach to GDPR compliance sets us apart from traditional law firms. We take an integrated approach, bringing together cross-disciplinary teams that include attorneys, IT experts and management consultants. By taking a risk-based approach, we thoroughly analyse our clients' compliance with GDPR requirements. From there, we develop comprehensive action plans to address any identified shortcomings.

Our ultimate goal is to ensure that our clients' processing of personal data is fully compliant with GDPR and other relevant legislation, and not just superficially so. To achieve this, we work closely with our clients to provide them with the necessary information and support, even after our work is complete. Our focus is on ensuring that our clients have the expertise and resources needed to maintain ongoing compliance with GDPR regulations.

Our experience and services

At KPMG Law, we provide comprehensive support to our clients to help them achieve full compliance with data protection regulations. This includes offering expert advice and assistance in designing policies and processes, as well as ensuring compliance across all relevant documents and information systems. We also provide training to our clients' employees to ensure they have the knowledge and skills needed to maintain compliance.

In addition to our data protection services, we also offer expert guidance in the field of IT law. Our team has extensive experience in advising clients on software development and licensing, as well as drafting terms of use and other IT-related transactions. We often collaborate with IT advisors from KPMG Baltics to provide our clients with the most comprehensive and up-to-date guidance possible.

Typical services we have recently offered our customers:

  • compliance assessment of the processing of personal data and mapping of the current situation;
  • preparing an action plan to bring personal data processing into compliance with the requirements;
  • advising on personal data breaches, communication with supervisory authorities;
  • drafting the terms of use of personal data, reviewing and updating existing terms of use;
  • compliance checks for mass mailing and marketing campaigns;
  • advising on data protection impact assessments;
  • advising on the preparation of an overview of personal data processing;
  • services of a data protection specialist;
  • drafting licensing and IT development agreements. 


Karin Oras

Pääosakas, asianajaja, lakiasianjohtaja


+372 507 9241

Urmas Kukk

Asianajaja, CIPP/E


+372 667 6805

Katri Remmelgas



+372 667 6805


Ota yhteyttä lakiasiantuntijoidemme verkostoon Baltiassa, Pohjoismaissa ja maailmanlaajuisesti.

Advokaadibüroo KPMG Law OÜ

+372 6676 805
Ahtri 4, 10151 Tallinna, Viro
Email again: