Our approach

Our approach to reaching compliance with Data Protection Requirements varies according to our clients’ needs. We provide support for large corporations as well as mid-sized enterprises and small companies both locally and across the globe.

Large corporations generally require a thorough analysis of the organization beforehand especially with regard to intra-company structures in order to entirely tackle Personal Data Flows. Mid-sized enterprises usually focus on time effective solutions whereas small companies may need more intense day-to-day guidance.

First step

First step in all cases is to determine the status quo of the organization by e.g. interviewing contact persons of relevant departments and deciding on which auditing method would best apply. For example, one of our leading clients within the power industry sector consists of approximately 400 legal entities in more than 23 countries and makes use of a variation of our services (such as Data Protection Officer designations or auditor services).

We serve as first point of contact for certain affiliates at local level and collaborate both on group-wide decisions on Data Protection Policies and Audits performed internally at corporate level. On a daily basis, we provide guidance on individual topics that arise in various departments. Furthermore, we take over communication with Supervisory Authorities where necessary.

Tools and applications

Apart from that, we have analyzed more than 200 tools and applications with regard to Data Protection Requirements, either existing ones or the ones that still need to be implemented. Our international team has been able to interact in various project languages and take into account any specific local requirements, both European and non-European.

As some countries explicitly require a Data Protection Officer, several of our clients’ affiliates have decided on an appointment within our law firm. Another client, a leading host provider in the USA and UK with products and systems in nine countries, focused on detecting the status quo by on-site audits. We have prepared detailed reports after the audits and implemented the necessary measures according to the findings.

Following the audit, we keep track of any Data Protection issues that may occur and support with any necessary changes within the organization. Altogether, we make sure to continuously assist our clients throughout the project term and beyond, if necessary.

Our goal

Our goal is to implement and support effective Data Protection Management across the companies and their departments. Therefore, we make sure that no legal requirements have been neglected and that our clients are prepared in case of any inquiries by Data Protection Authorities.