Your authorized representative for
data protection and compliance

(legal compliance)

We are independent and competent.

Reporting

Here you will find our topic-specific reporting points.

Whistleblower reporting office

Reports under the Whistleblower Protection Act



Data protection incident / Databreach

Reporting of data breaches under the General Data Protection Regulation and Databreaches

ISB

Reporting of information security incidents (ISO 27001, VDA ISA)



Other reportings

Reporting other type





Contact

If you have any questions, please feel free to contact us.

About us


Compliance with laws, directives and standards is becoming increasingly important.

Surveys show that the vast majority of companies do not comply with all regulations.

However, the possible penalties have increased extremely, so that a reorientation is recommended.

We are the right partner for you if you want to be secure in the long term.

We look after many customers and thus have a broad insight into the problems of day-to-day business.

We review your data protection concept, identify any gaps and make suggestions for remediation.

We support you in responding to inquiries from supervisory authorities and data subjects correctly in terms of form, time and content.

For efficiency reasons, we work with self-assessments.

You can also use something similar with your service providers (e.g., processors).

Ideally, we get a fixed contact person, this can also be your consulting house.

Our team consists of

Data protection officers, auditors, lawyers and IT experts.

External data protection officer

Do you need an external data protection officer?

(According to ยง38 BDSG: "...insofar as they usually employ at least 20 persons constantly
with the automated processing of personal data..."
see also info)

We are your competent and efficient partner.

(Data protection officer with TรœV certificate)

Effective data protection means

Determination of
GDPR compliance

A self-assessment based on Excel is used to determine the maturity level.

Results from subsidiaries can be aggregated.

Affected party and customer inquiries

We support you in responding to your stakeholder and customer inquiries.

Proposals and
Starting points

They receive concrete suggestions on their starting points.

We can recommend suitable law firms for legal advice.

Communication with the country DPO

It is important to inform the authorities openly and correctly (in terms of time, form, content).

Audits of processors


With the selection of the order processor, you have assumed the responsibility for the assigned processing by its

supplier. This part must be monitored.

Privacy Impact Assessments

We perform impact assessments at:
- in case of DATA-BREACH
- for new types of processing

Compliance - How does it work?

You implement the requirements of the supervisory authorities, certifiers and customers
into internal guidelines in a legally compliant manner.

We monitor the implementation of your corporate guidelines,

independently and competently

Procedure:

1


Stocktaking

Together, we define the scope of monitoring (locations, topics, inspection interval).

Based on standard checklists, we perform a self-assessment and document the maturity level in a report.


2


Monitoring and consulting

Together we adapt the checklist and define a program for monitoring.

In defined cycles you will receive a status report including deviations and improvement potentials.

For reasons of independence, we are available for discussion of the findings but not for their processing.

3


Complaints Office

In addition to monitoring, we offer the establishment of a complaints office for the various topics.

This usually serves as an independent point of contact for internal and external parties for defined topics.

You would like a quote or have a question


Infos

When is a data protection officer mandatory?

What is personal data?

Who are data subjects in the sense of data protection?

What is a processing directory and what is its purpose?

What are technical and organizational measures (TOM)?

What must be observed with cookies?

What is meant by tracking?