Data protection for your company – finally efficient and practicable

Personal data is an opportunity for your company. However, processing also entails risks – for the data subjects as well as for your company. Address these risks in a targeted manner: We support you in working out, developing and implementing pragmatic measures. This makes your daily work easier and supports you in external audits. In addition, you create trust with your customers.

Selected references on the subject

Our Services

Privacy Assessment

Which data protection requirements does my company have to comply with and where do I stand? You will receive a professional assessment of your company's level of data protection maturity. We also provide you with concrete, pragmatic measures to close your gaps in terms of data protection and data security.

Data Privacy Concept

The data privacy concept lays down the principles for handling data and in particular personal data and defines measures for data protection. Our data privacy specialists work closely together with you so any legal and compliance requirements regarding data privacy relevant to your organization can be taken into account. The data privacy concept focusses on the following areas:

  • Data privacy principles
  • Legal requirements
  • Data and protection needs
  • Guidelines for the handling and use of data
  • Technical and organizational measures (TOM) for data privacy
  • Rights of data subjects

Data protection certification

We accompany and support you in the preparation for a data protection certification according to VDSZ and GoodPriv@cy:2018.

Data protection guidelines and strategies

Depending on your needs, we develop a strategy, a policy (privacy policy), guidelines, a manual or a data protection concept. In doing so, we take into account the national and international legal foundations applicable to your company.

The core elements of the documents are the following topics:

  • Principles of data protection
  • Legal basis
  • Identification and classification of processed data
  • Handling of data
  • Technical and organizational measures for data protection
  • Rights of the data subjects

Data protection management system (DSMS)

Do you want to achieve and maintain an appropriate level of data protection? A data protection management system (DSMS) helps you to achieve clear responsibilities, pragmatic procedures and good documentation.

The DSMS can stand alone or be integrated into other management systems (e.g. ISMS, QMS).

For your DSMS we consider the PDCA cycle (plan, do, check, act) and the following topics:

  • Awareness and commitment of the management
  • Definition of objectives and scope
  • Assessment of the current situation and definition of measures
  • Development and introduction of data protection documentation and processes
  • Sensitization of employees
  • Definition of a roadmap for maintaining the DSMS

Data Privacy / Protection Officer as a Service

We will be pleased to take on the role of data protection officer, data protection advisor, data protection specialist or their respective deputies. We devote ourselves to the following tasks, but not exclusively:

  • Performing data protection clarifications
  • Training and advising the data controller on data protection issues / raising employee awareness
  • Involvement in the implementation of data protection regulations
  • Supervision of the processing of personal data in accordance with the relevant regulations including corrective measures
  • Developing and updating guidelines and directives
  • Preparation and analysis of data protection impact assessments (DPIA)
  • Support and monitoring of projects in the area of data protection
  • Performance of annual audits including reporting with risk analysis
  • Construction and maintenance of a data protection management system (DPMS)

Why is data protection so important for my company?

Data protection is more important than ever - not just since the new Data Protection Act (nDSG). Employees, customers and legislators are sensitizedto the fact that data is worth protecting Attackers are also aware of this and exploit security gaps.

It's not just about legal compliance. Your customers and employees expect their data to be treated confidentially and protected as well as possible. You don't gain this trust easily. And even trust built up over decades can be destroyed in an instant.

Make your everyday life easier by implementing data protection:

  • If you collect little data, you don't need elaborate deletion processes.
  • If you know where you process which data, you don't need a research team for data subject inquiries.
  • If you inform the data subjects right from the start and get them on board, you will not experience any unpleasant surprises.

You lack the time to read in and implement the measures? We support you to act economically through a pragmatic and well-thought-out implementation. Contact us and we will advise you without obligation.