A Holistic Consulting Approach for Your Professional Data Privacy Management


At Natuvion, we have made it our business to cover the entire spectrum of data privacy and protection within complex IT process and system landscapes. This includes legal, IT-strategic, and IT-technical consulting and implementation, as well as all processes involving the relevant groups of stakeholders (customers, suppliers, employees, etc.). This approach makes us unique because we turn theory into actual hands-on practice.


Based on our many years of consulting experience in data privacy implementation projects, we have developed a holistic and standardized overall approach for the implementation of a complete data privacy management system.

We determine the concrete implementation needs for your company in a GDPR Scoping Workshop and derive a roadmap with specific implementation steps and costs.


We rely on SAP Privacy Governance to provide software support for your data privacy management. SAP Privacy Governance helps to integrate a governance process for handling personal data into your daily business.



Our typical service portfolio regarding GDPR projects includes the following components:

  • Data processing in the company and directory of processing activities
  • Revision, control, and documentation of order data processing
  • Implementation of a risk-based approach to determine the technical and organizational measures
  • Review and adaptation of contract templates and informed consent
  • Review and revision of the data privacy manual
  • Re-establishment of the Data Privacy Officer (and Data Privacy Coordinators where appropriate)
  • Implementation of the principles "Privacy by Design" and "Privacy by Default"
  • Implementation of a data privacy impact evaluation process
  • Implementation of a reporting process to monitor data transfers to non-EU countries


  • Agreement on the extent of insurance coverage for GDPR requirements
  • Identification and contact with the responsible supervisory authority
  • Creation and implementation of a block/delete concept
  • Creation and implementation of a concept for the depersonalization of test data
  • Creation and implementation of a concept for provision, copy, and transfer of personal data
  • Adaptation of the communication towards customers and employees to comply with information obligations
  • Development of a "data privacy information and action culture" by raising employee awareness
  • Planning and implementation of initial and ongoing reviews of the measures taken



Do you have any questions? Are you interested in a demo? Contact us here!