The legally compliant implementation of the GDPR requires specific knowledge: Therefore, hand over the task of data protection to our experts! Our external data protection officers take care of all data protection issues in your company. They provide targeted support in implementing and complying with the GDPR. So we take care of everything while you concentrate on your core business!
For many companies and organisations, it might be hard to keep track of the number of regulations and guidelines regarding data protection. In addition to GDPR and BDSG there are industry-specific regulations that must be respected. As part of our data protection consultation, we support you in designing data protection-compliant processes – personally adapted for your company. Get individual consulting now!
Data protection is generally the protection of privacy and personal data from unauthorised collection, storage and disclosure.
Essentially, it is about the processing of personal data. Personal data is the core concept of data protection: this refers to all information about an identifiable person, for example name, contact details or health information. In this sense, data protection safeguards the right to informational self-determination. Everyone has the right to determine for themselves what personal data they want to make accessible, when and to whom. In the corporate context, this applies to the data of employees as well as customers and business partners.
If personal data is processed, data protection laws must be respected. Data protection in Germany is mainly governed by the Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG) and the European Union’s General Data Protection Regulation (GDPR). Together, they ensure the protection of the right to informational self-determination.
Data protection and data security are often mistakenly used synonymously. Unlike data protection, data security describes the practical security measures for protecting data. This includes, for example, protecting the data from unauthorised access and ensuring availability. Both elements – data protection and data security – must be respected in the company.
Data protection primarily helps to protect against the misuse of data. In the current information age, we deal with data and information every day. We regularly disclose personal information, especially via the Internet – often unconsciously. Data protection on the Internet is therefore becoming increasingly relevant, because this is where data transfer and data processing take place in large quantities. In many settings today, these data are the basis for business processes or entire business models. Especially at this point, data misuse and loss must be prevented. In order to realise this and to protect the right of informational self-determination, the uniform guidelines (GDPR) were created. It is essential for companies to comply with the GDPR, because violations of data protection can result in severe penalties.
Our data protection experts ensure that mistakes in the handling of personal data are avoided and risks are minimised. We implement data protection requirements in such a way that all stakeholders of the company are protected against data protection breaches!
Since 25 May 2018, data protection law has been regulated by the General Data Protection Regulation (GDPR). The GDPR is the basis of data protection in the European Union and uniformly regulates the handling of personal data. National rules of the EU member states supplement the GDPR. Data protection in Germany is extended by the Federal Data Protection Act (BDSG).
In companies, the implementation of these legal requirements is ensured and monitored by a company data protection officer. Responsible supervisory authorities in the respective federal states in turn check compliance with data protection in companies. The highest federal supervisory authority in data protection matters is the Federal Commissioner for Data Protection and Freedom of Information.
The principles of the GDPR in relation to the processing of personal data include:
At the core, the General Data Protection Regulation states that data processing may only take place for clear and legitimate purposes. In addition, the GDPR prescribes information and documentation obligations for companies. These include, for example, the creation of a record of processing activities or a data protection impact assessment. Officials must prove that they comply with the regulations of the GDPR.
To meet all these obligations, our external data protection officers come into play!
The GDPR applies to all companies that have their registered office or a branch in the EU. However, it also applies to companies located outside the EU when they process personal data of EU citizens.
Companies are obliged to protect personal data of customers, employees or business partners. To ensure compliance, it is particularly important to have precise knowledge of the multitude of obligations and laws. Special measures to protect the data must be taken, which require specific know-how. This is where the specialist knowledge and comprehensive data protection consultation provided by our experts come in: They support you in running your business in a data protection-compliant manner.
Why is legally compliant handling of personal data so important? In case of non-compliance, there is a risk of high fines and you may suffer considerable damage to your image.
That is why you should rely on data protection with our external data protection officers:
In order to consistently ensure data protection in your company, regular employee training is important. Data protection training courses ensure a better understanding and awareness of data protection in your workforce. Above all, they teach employees dealing with personal data in their everyday work how to handle it correctly. Regular training also ensures the necessary compliance in data protection in your firm.
Since there is often a lack of internal capacities, our external data protection officers take over this task for you: by attending online training courses, your employees learn the basic principles of data protection. After successful participation, they receive a corresponding certificate.
Gain a better understanding of data protection with our targeted training courses and stay up to date!
A legally compliant implementation of the GDPR is compulsory. Professional data protection management requires specific knowledge – which is provided by our experts. We support you in developing legally compliant privacy concepts and focus on fundamental, actually relevant measures: With us, you get what is really necessary for a GDPR-compliant everyday business. We stand for a clear and realistic implementation of the GDPR.
The external data protection officer:
A data protection officer takes care of all data protection tasks within the company. He acts as an interface between the company, supervisory authorities and people affected. The data protection officer knows all duties and thus supports the implementation of all data protection requirements. He also knows exactly what measures need to be taken in the event of data protection breaches.
With his support, the risk of data misuse and data protection breaches is minimised considerably. By appointing a data protection officer, you ensure that the information and documentation obligations are fulfilled in accordance with the regulations. To master this demanding task, the DPO has specific knowledge and expertise. It ranges from extensive legal knowledge to knowledge of authorities and know-how in IT.
A data protection officer can be appointed internally or externally. This means that the DPO function is either fulfilled by an employee of the company or outsourced as a service.
GDPR and BDSG specify the criteria according to which a data protection officer must be appointed. Companies and organisations that meet these requirements are obliged to appoint a data protection officer – whether internally or externally. The decisive factors include how personal data is processed and whether data processing is a core activity of the company. The size of the company alone is therefore not crucial. A DPO may also be mandatory for small and medium-sized enterprises, start-ups, self-employed persons, public authorities, institutes, practices and associations.
Are you unsure whether you have to appoint a DPO? We will be happy to advise you!
An external data protection officer is particularly recommended if you want to hand over the task of data protection to an expert. A lack of internal time and technical expertise are also reasons for outsourcing data protection in your firm.
While we take care of the data protection in your company, you can concentrate on your daily business. With our expert knowledge and cross-industry knowledge, you are on the safe side. We advise you as external data protection officers on compliance with the GDPR in your company. We support you in the control and implementation of all necessary measures. We assume the obligation to provide information and conduct training courses. Professional data protection management also includes data protection documentation and a data protection management system. Here, the external DPO supports you, for example, in the creation of the technical and organisational measures (TOMs) and the data protection declaration.
Discover our various data protection packages with comprehensive services, including the appointment of a data protection officer and the introduction of a data protection management system. Learn more about the different pricing models according to your business requirements.
Get in touch and let us know how we can help.