What we helped our clients with

Projects We Have Implemented

Manufacturing Companies

The broad clientèle of our company consists of small and large manufacturing companies. In addition to the development of security documentation and the essential paperwork, in the case of manufacturing companies we focus on securing mediation/processing contracts with third parties, dealing with the issues of personal data transfer to countries outside the European Union (EU) and the European Economic Area (EEA). Our clients in production are also provided with supervision of personal data protection in the role of a data protection officer. We cover reasonable monitoring by CCTV systems in production, perform inspections of individual cameras and define their scope of processing. As part of the service, we provide regular training of the authorised persons along with control activities to ensure adequacy and timeliness in the processing of personal data of data subjects. We provide our clients with comprehensive advice in personal data protection and in the case of complaints we communicate with the Office for Personal Data Protection. We also individually approach the elaboration of consents to the processing of personal data. We regularly inform our clients about the latest updates in guidelines and methodologies issued by the Office for Personal Data Protection that directly affect them. 

Health Care Sector

As regards personal data protection, our experts with extensive experience have actively covered the health care sector for some years. We treat each client individually right from the start, which is why we dare to claim that the services we provide are above standard and all-inclusive. Many healthcare facilities, pharmacies, practices, health centres and hospitals have placed their trust on us. We are aware that the processing of a specific category of personal data requires top-level security. Knowing that, we provide the data protection officer services, cover the technical aspects of the protection of personal data, prepare detailed security and health documentation according to the Act No. 576/2004 Z. z. on Health Care, Services Related to Health Care Provision and on Amendments to Certain Acts. We organise regular training for doctors and healthcare professionals who work with sensitive personal data of patients. We carry out annual and regular inspection activities in order to evaluate and record the current situation and supervise the necessary requirements related to the processing and protection of personal data in the health care sector. In addition, we provide our clients with regular counselling, so that they need not deal with the personal data protection issues in detail.

E-Shops and Websites

Since we started our company, we have provided our clients with advice and services in e-commerce. E-shop operators and website founders are offered our solutions in the field of personal data protection consisting of development of security documentation and obligation to inform data subjects. We prepare data subject's consent for purposes related to marketing and promotion. We make settings to cookies by appropriate legal ground and ensure the proper formulation of texts, or other particulars, subject to GDPR and the Act No. 18/2018 Z. z. on Personal Data Protection.

Investment Companies

We cover protection of personal data of clients in investments on a long-term basis, having operated successfully in Slovak and Czech markets. In addition to providing regular guidance, we have been focused on the full scope of preparing the essential paperwork, on developing security documentation and also, in personal data protection, on the rights and obligations of legal entities and individuals in the prevention and detection of money laundering and terrorist financing pursuant to the Act no. 297/2008 Coll. on Prevention against Legalisation of Proceeds from Crime and Terrorist Financing and on Amendments to Certain Acts.

Schools and School Facilities

Our practical implementation of GDPR in schools and school facilities is aimed at setting the rules in accordance with the Act No. 245/2008 Z. z. on Education and Training and on Amendments to Certain Acts (the School Act). Our clients in public sector perform processing of a large amount of  personal data, not only of pupils and students, but also legal guardians and parents of children, principals of schools, managers of school facilities, teachers and other employees in the sector of education. It is important to properly adjust the processing of special categories of personal data processed by such educational institutions. Accordingly, our office ensures adequate technical and organisational measures, as well as physical and building security solutions. For controllers we handle the issue of monitoring by a camera system, for which provide data protection impact assessment in the case of lawfulness according to Article 6(1)e. In addition to fundamental requirements arising from the GDPR we have been also engaged with the paperwork related to consents to the personal data processing for children and their legal guardians. We also provide assistance for distance learning for which we focus on selecting appropriate on-line platforms to ensure adequate protection of personal data. Our clients in the sector of education are also provided with advice on all-inclusive and regular basis in our role of a data protection officer.

Financial Companies

As a company we engage with personal data protection in the financial sector for clients in the Slovak Republic and the Czech Republic. Each client is given an individual approach, which is then followed up on by providing full and specific GDPR implementation in the company's processes. We cover the development of security documentation and the obligation to inform data subject, and setting the basic processes based on the Act No. 18/2018 Z. z. on Personal Data Protection and the GDPR. We offer guidance for questions regarding automated decision and profiling under Article 22 of GDPR. We are also available to our clients through regular and comprehensive advice given in our role of a data protection officer.


Centrum environmentálnej výchovy Turiec (Turiec Environmental Learning Centre) is a civic organisation founded in 2013 with an aim to introduce environmental education into the educational process at primary and secondary schools. It offers students a variety of activities related to the protection of nature and landscape and activities that contribute to awareness raising among the general and professional public in the field of environmental education and ecology.

We knew that the functioning and operation of the civic association depended on pupils in primary and secondary schools that started closing their doors at that time because of unfavourable conditions due to the onset of the COVID-19 pandemic. For some time, the activities of the non-profit organisations were suspended. This cannot be said of personal data processing, though. Since the organisation's activities involve, under GDPR, collection of personal data of pupils, students and children, Top privacy rolled up its sleeves and started working.

In early 2020, we contacted Mr. Martin Kondek, the Centre's manager, by means of a short and brief interview, presenting our proposal for reciprocal assistance and cooperation in the field of personal data protection. Thanks to a very prompt response and forthcoming approach we received all the information necessary to implement GDPR in the organisation's practical operation. The Top privacy office handled a full range of activities from development to delivery and additional explanation of the safety documentation, along with the information obligation for the data subjects in both printed and electronic form, which can be consulted on the website of the civic association. We understood the civic association's needs related to positive publicity, promoting happy children faces during the teaching and learning process by means of photographs on the website or brochures.  To that end, forms were prepared for the organisation for consent to the processing of personal data, with a detailed explanation of sage and secure methods of handling such data.

"As a civil association which is required to have  all the paperwork for GDPR, we approached Top privacy s.r.o. We were very pleasantly surprised by their helpfulness, professionalism, and willingness to give advice on the necessary details in the processing of personal data. They always had the time to respond to our questions and offer appropriate solutions. If you are thinking which company to ask, we recommend Top privacy. See for yourself that this is the right choice," the Centre's manager Mr. Kondek adds.

We made our client reassured to inquire about anything related to GDPR even after our co-operation was completed.

Cyberbullying in theatre performance (Detský divadelný súbor Kamarát, Martin)

Our lives have changed significantly due to the COVID-19 pandemic. We began to spend much more time in the world on-line. All of a sudden, the activities we were engaged with at work or school outside of our homes were concentrated right there. Children are the most vulnerable group in the on-line space, that is why we decided to focus our next project on their safety and security of their personal data.