Data Protection Consulting
What we do?
Data Protection Consulting according to the GDPR
We support companies in meeting the data protection requirements of GDPR. ink will find a solution which is complementary to your situation.
Benefit from our years of experience and expertise as external data protection officers. We will support your company independetly from your industrial sector or product offerings. Contact us for a sectoral consultation.
Who needs Data Protection Consulting?
As supervisory authorities continue to focus on informational protection, the ever-increasing demands on data privacy will have to be met. For small and medium-sized companies (SMEs), right up to large enterprises topics waiting to be addressed and resolved. Furthermore, there is often a lack of time and expertise in corporate practice and business processes to devote sufficient attention to the topic of data protection. We have specialised our services in supporting companies as external data protection officers and data privacy consultants.
As part of our data protection consulting services, we help companies of all sizes and across all sectors – we are very proud to have been able to represent top-class mandates in our young company history.
Why ink solutions?
As a young and agile company, it is particularly important to us to be able to support companies as smart and up-to-date as possible. Therefore we offer our data protection consulting in packages. With these fixed-price packages we make it possible for companies to ensure their data protection with calculable costs and planning security and to benefit from our services as external data protection advisors. Thus we can support almost every company as internal data protection officer or even guarantee the entire data protection in the company.
Your advantage: First-class data protection consulting for every industry in a comprehensive package. Together we will definitely find a solution that suits you and your company!
„In the recent years of our professional practice, we have specialised in the consulting of data protection according to the Basic Data Protection Regulation (GDPR). We have already helped numerous companies to master the manifold challenges of this topic.“
„When it comes to data protection, ink is your partner who will always find a suitable solution for your company! Let’s find out, how good data protection can help to navigate digitization in your company and to create trust among customers and employees. Digitalization and data protection needs to act like a symbiosis and go hand in hand“.
Our Solution for You!
With these solutions, we support companies in mastering their data protection challenges. Do not hesitate to find out what we can do for you in our specific sectoal consultation!
Hired Data Protection Officer
As external data protection officers, we take over the work of data protection in your company.
- We create a concept for data protection
- Performance of data protection training courses and if requested, special training
- Communication with supervisory authorities and affected people as well as project support are all part of our service
- If ordered, we will undertake a comprehensive inventory
- We make the procedure index according to Article 30 of the GDPR
- Creation and counselling of the data processing agreement (DPA)
Individual Data Protection Consulting
- The design of your projects according to data protection laws
- The enabling of new communication systems, customer databases, sales and marketing activities and much more
- Questions of staff data protection
- Sector-specific counselling in the sectors health, HR, Call Center
- Service as an interim data security manager
We support you in making your projects according to data protection laws and customer-friendly.
Data Protection Audit
Execution of data security audit and GAP analysis including the conception of recommendations for action.
- Initial inventory and creation of GAP analysis
- Execution of document audits or on-the-spot audits
- Creation of audit reports and descriptions of measures of compliance
The results will lead to an improvement of data security in your company and can be used in many ways; for communication with clients, authorities and as a proof of your data security level!
Data Protection Training
In the context of your internal training measures, we provide you with basics training as well as special training all about data protection.
- The basics training contains general knowledge about data protection regulations and best-practices
- Special training contains sector-specific or target-group-specific knowledge, for example for administrators or HR managers
Our training courses are interactive and involve your employees so that your specific company situation and everyday working life are taken into account.
Our Packages
Standard
(3 Stunden im Monat inklusive)*
- Bestellung als externer Datenschutzbeauftragter
- Bestandsaufnahme (GAP-Analyse)
- Grundlagenschulung (zweijährlich)
- Für einen Umfang von 3 Stunden im Monat inklusive sind enthalten (jede weitere Stunde wird mit dem Satz von 139,- pro Stunde abgerechnet):
- Bereitstellung von Musterdokumenten
- Bearbeitung von Anfragen (intern, betroffene Personen, Aufsichtsbehörde etc.)
- Tätigkeitsbericht (zweijährlich)
- Vertragsdauer / Vertragsverlängerung: 1 Jahr / 1 Jahr
- Kündigungsfrist: 3 Monate zum Ende eines Quartals
all ink
(6 Stunden im Monat inklusive)*
- Bestellung als externer Datenschutzbeauftragter
- Bestandsaufnahme (GAP-Analyse)
- Grundlagenschulung (jährlich)
- Spezialschulung (jährlich)
- Für einen Umfang von 6 Stunden im Monat inklusive sind enthalten (jede weitere Stunde wird mit dem Satz von 139,- pro Stunde abgerechnet):
- Bereitstellung von individualisierten Dokumenten
- Bearbeitung von Anfragen (intern, betroffene Personen, Aufsichtsbehörde etc.)
- Tätigkeitsbericht (jährlich)
- Vertragsdauer / Vertragsverlängerung: 1 Jahr / 1 Jahr
- Kündigungsfrist: 3 Monate zum Ende eines Quartals
all services can also be booked individually (hourly rate)
*Expenditure calculated according to hourly rate
Hourly Rate: 139€ per hour, including travel costs
Data Protection FAQ
Are you unsure whether data protection consulting is relevant for you at all? In our FAQ we have answered the most frequently asked questions about data protection for companies.
What is Data Protection?
Data protection derives from the right to informational self-determination and protects the general personal right. The basic idea behind data protection is the aspect for every person to decide what happens to his data and information by himself. Conversely, the affected persons must always be informed about the usage of their data and is allowed to decide how the personal is used/shared in terms of data handling by themselves.
Why is Data Protection important?
Data protection is a fundamental right and helps to build trust with customers, employees and protects the basic right to informal self-determination. Furthermore smart data protection supports your digitalization and helps to define sustainable digital infrastructures.
Who is affected by the Basic Data Protection Regulation (GDPR)?
The basic data protection regulation (GDPR) applies to the processing of personal data within the EU and non-European companies, that process data within the EU. In practice, it mainly affects companies and government agencies. The more sensitive the data processing, the higher the requirements. Excluding data processing in the personal and family area.
What data are considered personal data under the GDPR?
What data is considered personal data under the GDPR?
Personal data is all information that relates to a natural person or makes a natural person identifiable. This includes almost all data if it is associated with a person. Personal data includes:
- name
- address
- email address
- application documents
- protocols on access of persons to buildings
- picture and video material on which persons are recognizable
- IP addresses
- the vehicle number plate
- video or photo recordings
- etc.
What are typical cases for documentation obligations in Data Protection?
Documentation obligations result essentially from the principle of accountability. Those are responsible for data protection and must be able to prove at any time, that they meet the requirements of data protection. The documentation is a key factor for the implementation of data protection processes.
Among other things, the implementation of data security trainings, the establishment of a data security management or the concept of deletion and authorization needs to be documented.
7 Reasons for professional Data Protection for your Company
- Strengthening of trust towards employees and customers
- Ensuring compliance
- Pragmatic data protection supports processes and does not complicate them
- Protection from fines
- Protection against image damage
- Data protection gives modern IT structure
- Data protection is a fundamental rights protection
Who is Responsible for Data Protection in a Company?
Data protection is a management task! The management is responsible for the implementation of data protection requirements.
Ultimately, however, each employee is also responsible for the compliance of data protection within the scope of his/her own role. The management and the executives are responsible for planning and implementing suitable measures for the implementation of data privacy. This also requires the establishment of an effective data privacy management system. Data privacy officers execute the function of advising on the implementation and working towards data security.
When do I need an external Data Protection Officer?
The obligation to order a DPO basically exists if parts of your business purpose include the processing of personal data (e.g. recruitment agency or call centre) or if more than 10 persons are regularly employed with the processing of personal data (e.g. the case with large personnel departments).
Who may be the Data Protection Officer in the Company?
The data protection officer may be whoever has the necessary qualifications and in particular the necessary specialist knowledge. Both, internal employees and external service providers can be appointed as data protection officers. Data protection officers are not bound by instructions in their work and should be free towards conflicts of interest. For this reason, they are usually directly assigned to the management. Due to possible conflicts of interest, managing directors are excluded from the role of data protection officers.
When do you need a Privacy Policy?
The protection policy is regulated in the Articles 12 to 14 GDPR and is a part of the DSGVO which will be revised in the future. Currently, the information in accordance to these articles must always be provided when personal data is processed. As this often leads to organisational problems in practice, the data protection declaration is often outsourced to the company’s website in order to provide information to those who are affected in the most pragmatic way possible.
Are Training Courses on Data Protection mandatory?
Data privacy training is not explicitly required by law. However, the GDPR requires the implementation of appropriate measures to ensure data protection. This includes the regular training of employees involved in the processing of personal data. In practice, it is not necessarily the craftsman working on customer assignments who needs to be trained. The employees of the personnel department and the IT administrators do need to be trained!
What is a Violation of Data Protection?
A breach of data protection ultimately means that the regulations of the GDPR or other data protection regulations were not observed. However, since minor violations of data protection are commonplace and even occur at the supervisory authorities, the term data protection violation usually refers to reportable data protection breakdowns or violation subjects to a fine. A data protection breach results from the fact that rules are not observed, for example: Companies have not implemented a deletion concept or data has been stolen.
Data Violation in your Company: What to do?
If a violation of data protection occurs in your company, you are obliged under Art. 33 GDPR to report it to the supervisory authority within 72 hours, which is responsible for your company. Most supervisory authorities have an online form for this purpose. It is possible to make a preliminary notification to comply with the tight deadline, if the matter has not been fully clarified yet. However, a data protection breach can only be assumed if the breach also poses a risk to the rights and the freedom of the data subjects.
Data protection made in Darmstadt.
Contact us for a sectoral consultation!
ink solutions GmbH
Grafenstraße 31a, 64283 Darmstadt
+49 (0) 6151 3944203
Datenschutz made in Darmstadt.
Your success is our motivation! Contact us for a sectoral consultation.