External data protection officer

Our external data protection officers will support you in all matters relating to data protection and data security. From the EU General Data Protection Regulation (GDPR) to Germany’s Federal Data Protection Act, as data protection specialists, we will help you comply with all the requirements. National companies and multinational corporations alike have trusted in our expertise for many years.

At ISiCO, experienced lawyers and IT consultants work hand in hand to effectively protect you from the threat of warning letters and fines. Your dedicated contact is ready to respond whenever you need them, implementing suitable, practical and legally compliant data protection concepts on your behalf. This ensures comprehensive data protection compliance at every level in your company.

Your benefits with ISiCO:

  • Our expert lawyers and IT consultants have many years of professional experience
  • Industry-specific data protection solutions adapted to your individual needs (e.g. pharma and health, e-commerce, energy)
  • Minimise liability risks for senior management
  • Transparent costing
  • No need to commit your internal resources, no conflicts of interests
  • Flexible contract terms
  • Consulting tailored to your company’s different departments (e.g. IT, marketing, CRM)
  • Our data protection officers can be reached easily and at short notice, with cover always guaranteed

The wide-ranging duties of an external data protection officer (DPO) include:

  • Developing joint data protection targets, identifying where action is needed and drawing up a time frame for achieving legal compliance
  • Performing risk analyses and audits
  • Advice on setting up a data protection management system (DPMS)
  • Conducting regular reviews as part of a DPMS
  • Advice on preparing and implementing a data protection concept
  • Reviewing reportable incidents
  • Implementing and ensuring “privacy by design” and “privacy by default”
  • Preparation of reporting documents
  • Preparation and review of all documentation such as records of processing activities, data protection impact assessments (DPIAs), technical and organisational measures (TOMs), erasure and archiving concepts
  • Reviewing information on data protection, privacy statements, guidelines and works agreements
  • Advice on drawing up data processing agreements (DPAs) with external service providers and ensuring compliance with essential monitoring obligations
  • Monitoring the correct application of data processing programs
  • Assistance with responding to data subject requests (e.g. right to erasure or right of access)
  • Advice on all matters involving the protection of employee data and monitoring compliance with the relevant legislation (e.g. maintenance of personnel files, onboarding/offboarding, applicant management, staff use of the internet)
  • Arranging and conducting training sessions¹ and providing information about how to handle personal data in a legally compliant manner
  • Monitoring the status of data protection in the company
  • Assistance with certification processes
  • Responding to requests from supervisory authorities
  • Advising senior management and the relevant specialist departments
  • Preparation of an annual report on data protection

You too could benefit from the vast expertise of ISiCO’s highly experienced data protection professionals. We will ensure comprehensive data protection compliance at every level in your company – individually tailored to your business needs. Contact us today to arrange a no-obligation consultation.

(¹ ISiCO conducts training either as face-to-face courses on site or, on request, via our online platform “lawpilots”. We would be happy to send you a test link to the platform if you are interested.)

We will contact you!

In our privacy policy you will find more information on how we handle your personal data and what your rights are.