Data protection that safeguards your business without slowing it down
What data protection means for your business
Data protection law applies to virtually every company today. Customer data, employee data, supplier contacts, website visitors: almost no business operates without processing personal data.
A structured approach to data protection does not just create legal certainty. It also brings clarity to your internal processes. That is where I come in: I help companies focus on what genuinely matters, without creating unnecessary work.
How I can help
Drafting and updating data privacy notices, records of processing activities and internal data protection policies
Reviewing and drafting data processing agreements with service providers
Ensuring the GDPR-compliant integration of tools, software and external service providers
Carrying out data protection impact assessments for high-risk processing activities
Support in the event of a data breach
Handling data subject requests and preparing for regulatory audits
The external Data Protection Officer: your solution for legally sound data protection
Many companies are legally required to appoint a Data Protection Officer. Others do so voluntarily and that is a very good decision. As a TÜV SÜD-certified external DPO, I am happy to take on this role for you. What sets me apart from pure data protection consultants: I am a German-qualified lawyer. That means I can advise not only on data protection law itself, but also where it intersects with other legal areas (employment law, contract law and AI law among others).
For companies that want to meet their statutory requirements and have a reliable point of contact when things go wrong
- Appointment and notification to the data protection supervisory authority
- Support in the event of a data breach
- Recommendations for action
For companies that want to take an active approach to data protection and value regular support
- All services included in Basic, plus:
- Setup call (1 hour) at the start of the engagement
- 1 hour of advisory time per month
- Regular updates on relevant developments in data protection law
For companies with more complex structures or a higher volume of data protection requirements
- All services included in Plus, plus:
- 1 additional hour of advisory time per month
- Bi-annual strategy call via video call
- Annual staff training via video call
- Priority handling of data protection queries
Additional time beyond the included hours is billed transparently by the hour. All plans can be terminated on a monthly basis.
Document the Current State
A full picture of your current data processing activities – what is processed, where, by whom and on what legal basis.
Identify the Gaps
A systematic review against GDPR requirements. What is missing, what is incomplete, what needs urgent attention.
Clear Recommendations
Prioritised actions tailored to the size and circumstances of your business. The foundation for everything that follows.
Also available as a standalone service, without an ongoing DPO engagement.
Prefer to handle it yourself? No problem
Nobody enjoys dealing with data protection. It is complex, time-consuming and one of the most common reasons given for why something cannot be done. But it does not have to be that difficult. With a bit of pragmatism and a willingness to work through it systematically, you can get yourself into a solid position — even without an external lawyer.
For those who want to tackle the basics themselves, I have put together the DIY Data Protection Series: nine blog posts covering all the essential data protection documents. What you need, how to create them and what really matters. This is not a substitute for legal advice. But it gives you a solid foundation and can save you time and money.
The first step
is getting in touch
Many companies know there are data protection gaps to address, but are not sure exactly what needs doing or how urgently. That is where I come in. You just need to take that first step.