GDPR Documentation

In order for you to have all-round protection, your company must have legally required data protection documentation. If you do not yet have any documentation, we will be happy to support you in creating, adapting and maintaining it.

Processing directory

The processing register lists all processing activities of personal data in your company. This serves as proof for the supervisory authorities.

Technical and organizational measures

The technical and organizational measures list all measures that you have taken for your company: e.g. data backup, security locks or firewalls and antivirus programs.

Consent Management

If you would like to obtain consent from your customers (e.g. to receive a newsletter), this must comply with the applicable legal requirements. We would be happy to advise you on the preparation of a declaration of consent.

Deletion concept

Data that is no longer required must be deleted. This is one of the principles of the GDPR. To ensure that you comply with the prescribed deletion periods, we will develop a deletion concept with you to ensure compliance with the statutory periods.

Privacy Policy

Your customers have a right to know what data you collect about them and how it is processed (e.g. on your website or in your programs). We would be happy to advise you on creating a data protection declaration or data protection information for your customers.

Data Protection Impact Assessment

A risk assessment (so-called data protection impact assessment) must be carried out to ensure data protection compliance for particularly risky data sets (e.g. health data). We would be happy to advise you on the implementation.