Boost your revenue with GDPR compliance
Our straightforward GDPR services pave your way to be chosen by European companies. We support you to comply with the GDPR, avoid harsh fines, and prevent costly lawsuits.
Our team consists of individuals from diverse backgrounds, including lawyers and attorneys, educated in both Europe and the US, technicians, and consultants.
Our Subscription Services
EU Representative
-
EU based Contact point for supervisory authorities data subjects (mail & physical letters)
-
Information forwarding service
-
GDPR update service
EU Data Protection Officer
-
EU based contact point for supervisory authorities & data subjects (mail & physical letters)
-
Notification to the supervisory authority
-
IT & legal expertise combined
Website Check
-
Evalutation of frontend website services & consent management
. -
Privacy Policy check (Article 13 + 14 GDPR)
-
Technique-oriented action instructions
EU Representative
-
EU based Contact point for supervisory authorities data subjects (mail & physical letters)
-
Information forwarding service
-
GDPR update service
EU Data Protection Officer
-
EU based contact point for supervisory authorities & data subjects (mail & physical letters)
-
Notification to the supervisory authority
-
IT & legal expertise combined
Website Check
-
Evalutation of frontend website services & consent management
. -
Privacy Policy check (Article 13 + 14 GDPR)
-
Technique-oriented action instructions
Boost sales in
Europe
No risk of harsh
penalties
Less GDPR related support cases
3 services billed monthly
save -10% by annual payment
News
Free GDPR Updates in your inbox
Frequently Asked Questions
`Yes. The GDPR also applies to organizations that process personal data of individuals in the EU, regardless of the organization’s location.
The fine for violating GDPR obligations can be up to €20 million or up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher.
In addition, according to Article 77 of the GDPR, the data subject has the right to lodge a complaint with a supervisory authority.
Instead of or in addition to the complaint with a supervisory authority, the data subject may also file a lawsuit.
The controller is the entity that determines the purposes and means of the processing of personal data. They have the primary responsibility for complying with the GDPR’s requirements. The controller exercises overall control over the personal data and is accountable for ensuring that data processing activities are lawful and in line with individual’s rights.
The processor is an entity that processes personal data on behalf of the controller. Processors act on the instructions of the controller and are engaged by the controller to perform specific processing activities. Processors have limited responsibilities compared to controllers, and they must follow the controller’s instructions regarding data processing.
You are obliged to appoint an EU represenatitive if your processing activities are related to the offering of goods or services to data subjects in the Union, or in the monitoring of their behavior as far as their behavior takes place within the Union.
This means that if you are not located in Europe but are targeting the European market, you are required to appoint an EU representative.
Numerous companies are obliged by law to designate a data protection officer (DPO). Furthermore, it is advisable for any company that processes personal data in Europe to appoint a DPO.
A DPO assists in the implementation and fulfillment of legal requirements. Moreover, having a data protection officer shows your clients that you take data protection seriously, and you signalize a commitment to robust data protection practices.
In some countries like Germany, companies of a certain size are legally obliged to appoint a DPO.
The processor agreement, also known as data processing agreement (DPA), is a legal contract between a controller and a processor that sets out responsibilities and obligations of the data processor when processing personal data.
The controller is an entity that determines the purposes and means of the data processing, while the data processor is an entity that processes personal data on behalf of the controller.
The processor agreement is required by the GDPR when a controller engages a processor to handle personal data.
Where two or more controllers jointly determine the purposes and means of processing, they are joint controllers and must conclude a joint controller agreement.
Who We are
Savvy humans – good to know
Georgine Berger
Co-Founder / COO
Peter Harlander
Co-Founder / Data Protection Attorney
Sebastian Riedlmair
Co-Founder / Data protection Attorney
Mariella Stubhann
CEO
Matthias Redl
IT-Expert