Dataprotection Audit and Certification


GDPR requires a procedure for the regular review, assessment and evaluation of the effectiveness of technical and organisational measures. (Art. 24 para. 1). In addition, the GDPR provides for a procedure which describes the framework conditions for data protection certification. (Art. 42). This procedure in particular requires a coordinated, transparent and comprehensible system for assessing the processing of personal data under data protection law (Art. 5).


Various audits according to the standard data protection model have already been successfully carried out, due to our certified data protection auditors and our experience in the implementation of the concrete technical, legal and technical fields of action of GDPR.

The service portfolio, which has meanwhile proven its worth and is covered by us, comprises a GDPR audit:


  • Planning, development and implementation of an individual audit program according to DIN EN ISO 19011
  • Recording of the current data protection level through certified audit methods
  • Determination and evaluation of the concrete implementation requirements for the data protection goals of your company to be achieved
  • Regular review (every 3 years) of the measures taken by your data protection management systems
  • Analysis of potential hazards and deviations from the requirements of the GDPR
  • Assurance of results through an audit report on the existing data protection system and information security
  • Examination of the fields of action GDPR that need to be implemented such as, operation of the data subject rights, data processing on behalf, deletion concept, technical and organisational measures and the processing directory.


The audits by Natuvion guide you safely and easily through your individual data protection inventory. Depending on the implementation status of data protection in your company, concrete recommendations for action for the targeted elimination of any weak points will be shown to you.

Through on-site visits, the use of industry-specific checklists, the conduct of targeted interviews as well as document and process audits, we guarantee data protection compliance, as required in particular by the GDPR and BDSG. At the end of the audit, Natuvion provides you with documentation that can be used as Reporting to your management or that can be submitted to the supervisory authority for audit requests. In addition, you create the foundation for a future certification procedure in accordance with Art. 42 of the GDPR.



Questions, Suggestions or Feedback? We are looking forward to it!