Security

Data protection audits.

With a data protection audit, we check the GDPR compliance of your company and your suppliers.

All services at a glance:

Data protection audits

  • Review and auditing of the company’s GDPR compliance

  • Review of data protection documentation

  • Technical website audit (cookies and consent management)

  • Legal website audit (legal texts)

  • Review of the privacy statements

  • Review of consent forms

  • Review of the purposes of processing

  • Review of the implementation of user rights

  • Review of data processing procedures

  • Review of the order processing contracts

  • Review of internal processes

  • Review of employee training

The advantages for your company

More than 450 companies trust legal data

Publications

Our staff regularly publish academically and are authors and editors of authoritative works in data protection law.

Insurance concept

Together with Markel SE and Nürnberger Versicherung, we have developed an insurance concept for the activities of the data protection officer with coverage of more than 40 million euros.

Training platform

With our own training platform legal data academy, we ensure the implementation of the legal training requirements of the GDPR.

24/7 Emergency center

Clients that we serve as external data protection officer are given a number to our 24/7 emergency centre. Data protection violations can be recorded there around the clock and it is ensured that a required report to the authority is made within 72 hours.

Questions regarding our services

What are the costs of a data protection audit?

The costs depend on the size of the company and the number of branches. We will be happy to provide you with a fixed-price offer within 24 hours.

What are the benefits of a data protection audit?

With a data protection audit, you demonstrate to customers and also in the event of an official audit that you comply with and implement the legal provisions and requirements of the GDPR. In this way, you also create trust among potential customers and cooperation partners who want proof of your compliance with the GDPR.

According to which standards is the data protection audit carried out?

We audit your company according to the legal standards of the GDPR and the BDSG (new). From a practical point of view, we are guided by the legal requirements of the audit procedures of the state data protection authorities.

What qualifications must a data protection officer have?

According to Art. 37 (5) GDPR, a data protection officer must meet the following three main criteria:

  • Professional qualification in terms of expertise in the field of data protection law
  • Expertise in the field of data protection practice
  • Ability to perform the tasks mentioned in Art. 39 GDPR (see above)

How is a data protection officer liable?

The external data protection officer is personally liable for all activities. Because of this high risk, we have developed an insurance concept that covers damages of up to EUR 40 million.

What are the tasks of a data protection officer?

The specific tasks of the data protection officer result from the GDPR and primarily include:

  • Monitoring the legal requirements of the GDPR
  • Overview of processing activities
  • Risk assessment of processing activities
  • Training of employees

Who needs a data protection officer?

Certain companies are obliged to appoint an (external or company) data protection officer. The General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG) require the appointment of a company data protection officer if one of the following conditions is met:

a) As a rule, at least ten persons in the company are permanently engaged in the automated processing of personal data.

b) The core activity of the company consists of carrying out processing operations which, due to their nature, scope and/or purposes, require extensive regular and systematic monitoring of data subjects (this includes, for example, hospitals and pharmacies).