Data Protection Officer
External data protection officers with GDPR expertise and multiple certifications.
Certified Data Protection Experts
Comprehensive Data Protection Services
Legal certainty through professional GDPR compliance
GDPR Compliance
Compliance checks and implementation of every GDPR requirement.
Incident Response
Rapid support after privacy incidents and professional liaison with authorities.
Data Protection Officer
We take the role for you
On request we serve as your company’s data protection officer. Our certified specialists have many years of GDPR experience and a deep understanding of industry-specific requirements.
We monitor ongoing compliance, review your privacy programme, respond to data subject enquiries and act as your competent contact for supervisory authorities.
Data Protection Concept
End-to-end GDPR alignment
Your organisation needs clearly defined rules for collecting, processing and deleting data, including controlled access rights. A precise incident response plan is also mandatory.
We help you create a comprehensive data protection concept including records of processing activities, deletion policies and employee awareness programmes.
GDPR Compliance Services
Legal certainty for your organisation
Privacy Notices
Legally compliant privacy policies for your website and company.
Records of Processing
Complete documentation of all processing activities in line with Art. 30 GDPR.
Processor Agreements
Data processing agreements for every service provider and cloud platform.
Staff Training
Hands-on GDPR training for all employees handling personal data.
Compliance Audit
Stay on the safe side
We audit your organisation for compliance with all relevant data protection laws, in particular the GDPR. Starting with your privacy notice, we assess whether every regulation is implemented accurately.
Our audits cover technical and organisational measures, data flow analyses, data subject rights management and assessments of third-party integrations.
Data Breach Response
Swift and professional action
If a data breach occurs we are at your side. We determine the scope of the incident, assess the risks and know the exact steps to take.
Our incident response team supports you with the 72-hour supervisory notification, data subject communication and damage mitigation. We also represent you as licensed legal agents in proceedings before the data protection authority.
EU Representative under Art. 27 GDPR
Our legal professionals act as your point of contact for EU authorities and data subjects
We act as the EU representative in Austria or Italy. Our experts speak German, English and Italian. We communicate on your behalf with data subjects as well as supervisory authorities.
As your EU representative we fulfil the statutory role for non-EU organisations processing personal data of EU citizens.
Why Professional Data Protection Matters
Legal certainty and trust through GDPR compliance
Fine Exposure
GDPR violations can result in fines of up to €20 million or 4% of annual turnover.
Customer Trust
Transparent privacy practices build customer trust and strengthen your brand.
Legal Compliance
Professional GDPR compliance protects you against warnings and legal disputes.
Frequently Asked Questions about Data Protection
Answers to the most important GDPR questions
Whether you must appoint a data protection officer depends on Art. 37 GDPR and the respective national regulations.
A DPO is in particular required if
– the core activities involve extensive processing or monitoring of personal data (Art. 37 GDPR), and
– in Germany, if at least 20 people regularly process personal data in an automated way (§ 38 BDSG),
– in Austria, for public bodies or where there is large-scale monitoring or processing of sensitive data (Art. 37 GDPR in conjunction with the Data Protection Act).
GDPR infringements may lead to fines of up to €20 million or 4% of worldwide annual turnover – whichever is higher. Additional claims for damages and legal warnings may also follow.
You have 72 hours to notify the supervisory authority. If there is a high risk to data subjects, they must also be informed without delay. Documentation and mitigation measures must be initiated immediately.
Required deliverables include: privacy policy, records of processing activities pursuant to Art. 30 GDPR, data processing agreements, technical and organisational measures, deletion concept and consent management.
Ready for GDPR Compliance?
Let our certified privacy experts advise you and establish legal certainty for your organisation.
