Data Protection & Data Privacy

Data protection for your company – finally efficient and practicable

Personal data is an opportunity for your company. However, processing also entails risks – for the data subjects as well as for your company. Address these risks in a targeted manner: We support you in working out, developing and implementing pragmatic measures. This makes your daily work easier and supports you in external audits. In addition, you create trust with your customers.

Selected references on the subject

Our Services

Request offer

  • Privacy Assessment

    Which data protection requirements does my company have to comply with and where do I stand? You will receive a professional assessment of your company's level of data protection maturity. We also provide you with concrete, pragmatic measures to close your gaps in terms of data protection and data security.

  • Data Privacy Concept

    The data privacy concept lays down the principles for handling data and in particular personal data and defines measures for data protection. Our data privacy specialists work closely together with you so any legal and compliance requirements regarding data privacy relevant to your organization can be taken into account. The data privacy concept focusses on the following areas:

    • Data privacy principles
    • Legal requirements
    • Data and protection needs
    • Guidelines for the handling and use of data
    • Technical and organizational measures (TOM) for data privacy
    • Rights of data subjects

  • Data protection certification

    We accompany and support you in the preparation for a data protection certification according to VDSZ and GoodPriv@cy:2018.

  • Data protection guidelines and strategies

    Depending on your needs, we develop a strategy, a policy (privacy policy), guidelines, a manual or a data protection concept. In doing so, we take into account the national and international legal foundations applicable to your company.

    The core elements of the documents are the following topics:

    • Principles of data protection
    • Legal basis
    • Identification and classification of processed data
    • Handling of data
    • Technical and organizational measures for data protection
    • Rights of the data subjects

  • Data protection management system (DSMS)

    Do you want to achieve and maintain an appropriate level of data protection? A data protection management system (DSMS) helps you to achieve clear responsibilities, pragmatic procedures and good documentation.

    The DSMS can stand alone or be integrated into other management systems (e.g. ISMS, QMS).

    For your DSMS we consider the PDCA cycle (plan, do, check, act) and the following topics:

    • Awareness and commitment of the management
    • Definition of objectives and scope
    • Assessment of the current situation and definition of measures
    • Development and introduction of data protection documentation and processes
    • Sensitization of employees
    • Definition of a roadmap for maintaining the DSMS

  • Data Protection Officer as a Service

    Who in your company has the competence and interest in data protection? We would be happy to take on the role of data protection advisor or deputy. We would also be happy to support you as a data protection specialist in projects, with individual measures or accompanying you in your day-to-day work.

Why is data protection so important for my company?

Data protection is more important than ever - not just since the new Data Protection Act (nDSG). Employees, customers and legislators are sensitizedto the fact that data is worth protecting Attackers are also aware of this and exploit security gaps.

It's not just about legal compliance. Your customers and employees expect their data to be treated confidentially and protected as well as possible. You don't gain this trust easily. And even trust built up over decades can be destroyed in an instant.

Make your everyday life easier by implementing data protection:

  • If you collect little data, you don't need elaborate deletion processes.
  • If you know where you process which data, you don't need a research team for data subject inquiries.
  • If you inform the data subjects right from the start and get them on board, you will not experience any unpleasant surprises.

You lack the time to read in and implement the measures? We support you to act economically through a pragmatic and well-thought-out implementation. Contact us and we will advise you without obligation.

Read our blog series on data protection

Datenschutz (1 / 4): Beschaffung von Personendaten
Datenschutz (2 / 4): Umgang mit Personendaten
Datenschutz (3 / 4): Aufbewahrung und Löschung
Datenschutz (4 / 4): Datenschutz-Managementsystem (DSMS)