Data Protection Audit & Certification


GDPR requires a procedure for the regular review, assessment, and evaluation of the effectiveness of technical and organizational measures (Art. 24 para. 1). In addition, the GDPR provides for a procedure which describes the framework conditions for data protection certification (Art. 42). This procedure in particular requires a coordinated, transparent, and comprehensible system for assessing the processing of personal data under data protection law (Art. 5).



Various audits according to the standard data protection model have already been successfully carried out, thanks to our certified data protection auditors and our experience in the implementation of the concrete technical and legal fields of action of the GDPR.


Our service portfolio includes:

  • Planning, development, and implementation of an individual audit program according to DIN EN ISO 19011
  • Recording of the current data protection level through certified audit methods
  • Determination and evaluation of the concrete implementation requirements for the data protection goals of your company to be achieved
  • Regular review (every 3 years) of the measures taken by your data protection management systems
  • Analysis of potential hazards and deviations from the requirements of the GDPR
  • Assurance of results through an audit report on the existing data protection system and information security
  • Examination of the fields of action GDPR that need to be implemented, such as operation of data subject rights, data processing, deletion concepts, technical and organizational measures, and the processing directory



The audits by Natuvion guide you safely and easily through your individual data protection inventory. Depending on the implementation status of data protection in your company, concrete recommendations for action for the targeted elimination of any weak points will be shown to you.


Through on-site visits, the use of industry-specific checklists, targeted interviews, and document & process audits, we guarantee data protection compliance as required by the GDPR and BDSG. At the end of the audit, Natuvion provides you with documentation that can be used as reporting to your management or that can be submitted to the supervisory authority for audit requests. In addition, you create the foundation for a future certification procedure in accordance with Art. 42 of the GDPR.



Questions, Suggestions, or Feedback? We look forward to it!