Data protection and GDPR consulting

The General Data Protection Regulation (EU GDPR) plays a direct or indirect role in the everyday lives of companies and their customers. Data breaches, hacker attacks and spam attacks on users are becoming increasingly frequent. Customers must therefore be able to rely on the secure handling of their data, and companies have to ensure this while meeting information and documentation obligations that are sometimes complex and extensive.
Falk Hofmann
Partner
ISO/IEC 27001/KRITIS Auditor
Werner Merl
Associate Partner
Authorised Signatory, Industrial Engineer

The protection of personal data requires a common and integrated view of data protection and information security. Even though the GDPR covers all forms of processing of personal (or personally identifiable) data, IT-based data processing is at the forefront in today’s digitized world. Depending on the size of the company, the tasks for the provision and operation of the IT infrastructure are performed by various specialist departments. Specifications for the structure and operation of IT are influenced by business requirements, regulations and compliance.

The resulting data protection requirements should be mapped in a data protection management system (DPMS). This includes the register of processing activities (“VVT”), the risk-oriented derivation of data protection measures, a data protection training strategy, tasks and obligations in the context of contract processing and, last but not least, the responsibilities of management.

Our services

Determination and Improvement of the Degree of Implementation of the DPMS


  • Evaluation of the degree of implementation of data protection and the DPMS
  • SWOT and gap analyses, reporting and recommendations
  • Support with implementation

Optimization of your DP Organization/your DPMS


  • Analysis of business requirements in the data protection environment of the markets and services
  • Development of governance structures
  • Strategy development and documentation

Data Protection in Practice, also as an External DPO


  • Continuous optimization of your DPMS
  • Performance of the legal tasks of the external data protection officer (DPO)

Optimized Implementation of Mandatory Processes


  • Reviews of processing activities
  • Comparison of the VVTs
  • Investigation and tracking of the requirements for contract processors
  • Design of (self-)assessments with contract processing partners
  • Documentation and inventory of the service content of the involved DPO

Training Concept and Phishing Risks


  • Webinars on the topic of data protection
  • Webinars or on-site training courses on area-specific topics
  • Evaluation and improvement
