GDPR Compliance for a Gaming Startup


Following a compliance order from an EU-based Data Protection Authority (DPA), a Serbian IT Startup running an online gaming platform needed to implement GDPR compliance programme and nominate a DPO within a relatively short deadline.


After the initial meeting with the client, Privanova promptly provided the client with several key policies including the Company's Data Protection Policy. In addition a Privacy Notice and a Cookie Notice for the Website were drafted. Within the deadline, we managed to test and publish a cookie consent management system for the client's website.

At the same time, we assisted the client to recruit and nominate a DPO in accordance with the GDPR requirements. Finally, we helped the client provide feedback to the EU-based DPA, thus avoiding further penalties and fees.


In accordance with Article 12 of the GDPR, a complete set of policies was drafted.


Cloud-based cookie consent management was implemented on the client's website.


Article 37 GDPR requirements were met by recruiting a Data Protection Officer.


Communication with the local Data Protection Authority was ensured on behalf of the client.

Facing similar challenges?

Let us help