We accompany your project management and, if required, also take over the project management.
Individual Orders and Projects
Our expertise also includes providing consulting support to your internal data protection officer – depending on the project and objectives for a period of a few days to several years. Our project staff have the necessary expertise as senior consultants/experts, also act as project managers and, if required, coordinate the cooperation between departments, IT and technical service providers.
We create business concepts and documentation for you.
We support you in linking business concepts with technical specifications.
We advise you on the deployment of cloud services (IaaS, PaaS, SaaS) or on the creation and implementation of deletion concepts (e.g. ERP / CRM systems).
Data protection documentation
Legal accountability requirements stipulate extensive documentation of processing operations. For this purpose, information has to be collected in the departments or templates have to be created, either initially or on an ad hoc basis. We can also provide helpful support in the selection or deployment of IT systems to meet documentation requirements.
Processing activities must be documented and evaluated, and data protection procedures must take into account the ability to demonstrate compliance with data protection requirements at every step. We accompany you in all individual questions of documentation and accountability obligations.
The processing of personal data must always take into account the risks to the rights and freedoms of natural persons. In contrast to corporate risks, the probability of occurrence and the damage to the data subjects must be assessed here. As a data controller, you need to address data protection needs, potential loss events, risk assessment, and appropriate mitigation measures.
Risk management is also an essential component of a data protection impact assessment and the basis for evaluating data protection breaches. We will gladly support you in the professional introduction of a data protection management system and in individual areas of risk management.
Creation of templates, training documents, business concepts, guidelines, organizational instructions, as well as individual information requirements and declarations of consent.
Recording, documentation, initial risk assessment and protection needs assessment of processing operations.
Review of the need for, and support and documentation of a data protection impact assessment, including advice on the selection of appropriate remedial measures.
Advise and support for risk assessment, preparation of notifications to the data protection supervisory authority and notification of data subjects.