Group data protection officer
Our experienced group data protection officers support you in the coordinated implementation of and compliance with the GDPR in your group and its affiliated companies.
We ensure that data are exchanged in compliance with the law throughout the group, leaving you to focus on your core business – whether it be national, European, or even global.
For the first time, the GDPR specifically standardises the role of group data protection officer, giving groups the opportunity to concentrate their data protection affairs simply and effectively in a single person. ISiCO’s specialised solicitors and IT consultants bring together extensive legal and technical expertise in interdisciplinary teams, allowing them to meet all of the specific data protection needs within your group.
Why choose ISiCO?
- Our solicitors and IT consultants possess in-depth legal and technical expertise
- Provision of an external group data protection officer
- Harmonisation and centralisation of your group-wide and internal organisational structure
- Professional project management, incl. project and work plans
- Data protection for specific fields: we address your individual needs (e.g. pharma and health, e-commerce, energy)
- Minimisation of management liability risks
- Cost and efficiency benefits thanks to appointment of a single data protection officer
- No need to commit internal resources; avoidance of conflicts of interest
- Support in coordinating data protection activities
- Better fulfilment of your documentation obligations
- Thanks to flexible contract terms, you can switch group data protection officers with relative ease; the enhanced protection against dismissal offered to internal data protection officers does not apply
- Specialist departments in your company (e.g. IT, marketing, CRM) benefit from our expertise – we advise on current issues such as personalised customer communication, outsourcing, newsletter marketing, and data science
- Our staff are available at short notice – with substitutions ready to step in if need be
- Coordinated, responsible-minded image to the outside world regarding compliance with data protection law
What a group data protection officer does:
- Development of common data protection objectives, definition of action plan, creation of a timetable to achieve legal compliance
- Risk analyses and audits
- Advice on establishing a data protection management system (DPMS)
- Coordination of all matters relating to data protection within a company, in particular regarding group-wide exchange and use of personal data
- Advice on creating and implementing a data protection strategy
- Support in creating and reviewing all documentation, e.g. records of processing activities (RPA), data protection impact assessments (DPIA), technical and organisational measures (TOMs), erasure and archiving policies
- Review of data protection information, privacy policies, guidelines, and works agreements
- Advice on arrangements for processing contracts with external service providers and assurance of compliance with required control obligations
- Monitoring correct application of data processing programs
- Support when replying to requests from data subjects (e.g. right to erase, right of access)
- Advice on all issues relating to employee data protection and monitoring its legally compliant implementation (keeping of personnel files, onboarding/offboarding, applicant management, employee internet use)
- Organisation of training courses and information for employees regarding legally-compliant handling of personal data
- Monitoring of company data protection compliance and support during certification process
- Support during certification process
- Support when dealing with supervisory authorities, in particular responsibility for correspondence
- Advice to management and specialist departments
- Creation of an annual data protection report
By obtaining a comprehensive overview of the processes relevant to data protection within your group companies, an experienced group data protection officer from ISiCO can effectively protect you from warnings and administrative fines.
Choose ISiCO and benefit from a personal, professional contact who will ensure compliance with data protection legislation at all levels and at the highest quality.