GDPR Compliance

A team of experts entirely dedicated to data protection

In order to ensure that you meet your obligations in terms of management and protection of the personal data that you are required to collect, Luxgap puts all its expertise at your disposal.

Our team of lawyers and IT security professionals helps you assess your level of compliance, develops data protection policies with you, ensures that procedures are documented and supports you in the operational management of these issues.

Audit and GDPR compliance
GDPR Training
GDPR-CARPA Certifications


Audit and compliance

Are the GDPR compliance measures that you have established sufficient, appropriate, and effectively implemented? Thanks to Luxgap, you can benefit from an objective look at your current policy and personalized support to achieve GDPR compliance.

GDPR compliance audit

At the heart of a compliance audit, our teams analyze the procedures and measures implemented at the level of your company in terms of data protection with a view to assessing your level of compliance with the General Data Protection Regulation.
Through this audit, we may also be required to carry out penetration and vulnerability tests, which allow us to assess the solidity of your IT system, in particular with regard to the risk of data breaches

Compliance monitoring

On a regular basis, we monitor your company's compliance with data protection regulations, in particular through the verification of the compliance of your contracts with third-party actors, in accordance with Article 28 of the GDPR.


For some types of data processing, the GDPR requires that a data protection impact analysis (DPIA) be carried out. We help you to carry them out and to consult the data protection authority if necessary.

Data protection policies implementation

We help develop policies to improve data governance within your compaby. In this context, we also offer team training related to these policies in order to ensure their efficient implementation. After each training session, we carry out assessments to ensure that the new policies are understood.

Training and awareness-raising

We host and supervise regular training and awareness sessions for the staff of your company, either on site or via our online training platform. Our goal is to promote knowledge and data protection issues understanding. .



The GDPR-CARPA certification is the first certification scheme concerning the GDPR in Luxembourg, as well as internationally.

Based on the ISAE 3000, SCQ1 and ISO 17065 standards, this certification concerns certain data processing operations within a company and can only be granted after having carried out a detailed audit of these various processing operations.

The GDPR-CARPA certification is specifically indicated in certain sectors that have to handle sensitive data, such as health, for example. A hospital, which has to collect and process a large volume of extremely sensitive personal data, thus benefits from having a CARPA audit carried out in order to obtain its certification.

Specialized on this subject, the Luxgap teams carry out your CARPA audits allowing you to request your certification on the processing that have been analyzed.