External data protection officer and his deputy

If your company regularly processes personal data, it requires a data protection officer in accordance with Art. 37 GDPR. In addition, according to § 38 BDSG (German national data protection law), your company requires a data protection officer if at least ten persons are constantly engaged in the automated processing of personal data. We will provide you with an external data protection officer. Our external data protection officers are specialists in the field of data protection and related fields and offer you first-class support. The following services are included in the appointment of one of our external data protection officers:

  • Advice on compliance with statutory data protection requirements
  • Information about relevant data protection developments that may have an impact on your company and your business practice
  • Monitoring and supervision of compliance with data protection regulations
  • Development of data protection strategies that take your economic and business interests into account to the greatest possible extent
  • Promoting data protection compliance
  • Protection against fines of up to € 20,000,000 or 4% of the worldwide annual turnover of the previous business year
  • Identifying, evaluating and eliminating or minimising risks associated with the processing of personal data
  • Carrying out data protection audits and stocktaking and jointly developing necessary measures
  • Advice on and implementation of data protection impact assessments in accordance with Art. 35 GDPR
  • Support in data protection documentation and ensuring the accountability of the Controller in accordance with Art. 5 para. 2 GDPR
  • Provision of legal contract samples, texts, forms, templates for data protection and adaptation of these to the business conditions
  • Support in the creation and maintenance of records of processing activities in accordance with Art. 30 GDPR
  • Conception and coordination of operational data protection
  • Establishment of a process-oriented data protection management system
  • Introduction of a data protection organisation adapted to operational processes and conditions
  • Evaluation of existing software under data protection law and support in the introduction of new software with regard to data protection
  • Design of functional data protection processes for the optimal implementation of data protection requirements
  • Correspondence with supervisory authorities
  • Function as a single point of contact for supervisory authorities in data protection matters