Data Protection, Privacy Strategy, & Consulting


 The basic EU general data protection regulation (GDPR) was adopted by the EU Parliament on April 14, 2016. It was published in the Official Journal of the European Union on May 4, 2016 and came into force on May 25, 2016 and is applicable starting May 25, 2018.




The concrete implementation needs of companies were determined by us in various preliminary projects and already successfully completed implementation projects and summarized in a standardized overall procedure. The typical service portfolio covered by us in the context of a GDPR project includes:



  • Data processing in the group and list of processing activities
  • Revision, control and documentation of order data processing
  • Implementation of a risk-based approach to determine the toMs
  • Review and adaptation of contract templates and declarations of consent
  • Review and revision of the data protection manual
  • Reassignment of the data protection officer (and, if necessary, data protection coordinators)
  • Implementation of the principles "Privacy by Design" and "Privacy by Default"
  • Implementation of a data protection impact assessment process
  • Implementation of a reporting process to monitor data transfers to non-EU countries



  • Coordination with regard to scope of insurance cover for requirements DS-GMO
  • Identification and establishment of contact with the responsible supervisory authority
  • Creation and implementation of a lock/delete concept (hist. data & cont. data mgmt)
  • Creation and implementation of a concept for the de-personalization of test data
  • Creation and implementation of a concept for information, copying and transfer of personal data
  • Adaptation of communication with customers and employees to meet information requirements
  • Creation of a "data protection information and action culture" by raising employee awareness
  • Planning and execution of initial and continuous checks of the measures taken


We have made it our business to cover the entire spectrum of data privacy and protection within complex IT process and system landscapes. This includes legal, IT-strategic, and IT-technical consulting and implementation.


Our close partnership and co-innovation in the area of data privacy & protection with SAP, our partnership with SAP Customer Data Cloud from Gigya, and our cooperation and commitment to IAPP puts us in a position to optimally realize those fields of action in particular that have a strong influence on IT and process landscapes.



Benefit from our experience and use our numerous templates and solutions as an accelerator for your compliance project.



Our services at a glance:

Legal compliance advice, project support and audit

IT strategy and architecture consulting as part of compliance solutions

Project management and PMO in compliance projects

Technical conception of all relevant compliance fields of action

IT conception and implementations to cover the rights of individuals & toMs

Quality assurance, auditing and certification of various GDPR fields of action





Learn more about this topic and tune into our webinar that covers the GDPR fields of action your company needs to take or contact us directly!


Questions, Suggestions, or Feedback? We look forward to it!