The collection of data, its handling and the protection of personal data is becoming more and more important with the increasing automation of work processes in everyday work every year. However, careful handling of data in accordance with legal requirements should not result in companies limiting their digital involvement and possibly losing out to competing companies.
We will be happy to assist you in a three-step process to preserve or establish a secure handling of your customers’ and employees’ data.
1. Initial Analysis
In the first step, we prepare an analysis of the current situation. The initial analysis includes the recording, analysis and evaluation of all data protection relevant processes in your company with final reporting.
In the second step, we rely on on-site consultation. Once our external data protection officer has been appointed, he or she will advise and support you on site, based on the results of the initial analysis, in setting up a legally compliant data protection concept.
3. Ongoing Support as (External) Data Protection Supervisor
Finally, in the third step, we work with you to determine that you are following the implemented steps and, if necessary, adapt them to changed structures.
As your external data protection officer, we are always at your company’s side in all matters relating to data protection and data security during ongoing support.
Tasks of a Data Protection Supervisor
The tasks and duties of a data protection officer in a company are clearly defined in the DSGVO. He ensures compliance with the regulations, in the handling of personal data in the company and in the use of personal data in the company.
- Designing transparent data processing processes
- Analysis of work processes and technical equipment
- Working towards and checking compliance with guidelines, including documentation of the condition
- Advising those responsible on the review of newly planned workflows
- Organisation of training courses to familiarise employees with the provisions of the DSGVO, the BDSG-neu and other data protection regulations
- Reviewing the confidentiality obligation of employees who process personal data
- Creation of a data deletion concept / a directory of processing activities
- Information sheet on data processing by third parties
- Contract data processing contracts
- Representing the company in data protection matters as (external) data protection officer
We would be happy to design a solution tailored to your company.