Search:
Clear
  • Clear

TEGOS advised NordSecurity on GDPR, data protection, and key regulatory matters

We provided ongoing GDPR and data protection and other regulatory support to one of Lithuania’s top tech groups (NordSecurity) as it developed and launched new digital services. These included new products of cyber intelligence, eSIM-based services, VPN and hosting – all using complex data flows across international markets.

Each product raised new questions about data use and privacy, and required a practical approach to the following:

  • How to legally process data under Article 6 of the GDPR in highly technical environments
  • When legitimate interest can be used instead of consent, especially in new B2B and B2C models
  • How to apply data minimisation and proportionality principles in automated monitoring and scraping tools
  • Figuring out if certain types of indirect data in CTM or scraping tools count as personal data under EU law

These products needed to scale across global markets while staying compliant with data laws. Legal input helped reduce risk and supported innovation by making sure privacy was built into the product from the start.

We worked as GDPR advisors within the product teams, leading Data Protection Impact Assessments (DPIAs) for high-risk data use. We developed internal GDPR tools, including data classification models and risk scoring systems, and reviewed the client’s practices against EU guidance and recent cases to ensure alignment. We also helped the company prepare for regulatory reviews, making sure they could clearly explain and defend their data practices.