ContactLocations • Phone +49 7151 369 00 0
Consulting

Data protection

Fulfil your legal obligations with help from audius

Entrepreneurs are subject to strict legal requirements of personal data protection. As experienced IT service provider, audius has been advising companies on data protection and IT security for years. Our data protection audit reveals the extent to which your website and data processing procedures are already DSGVO-compliant - and what you may still need to do.

Mehr erfahrenDiscover more
Mehr erfahren Discover more 0
Profile picture for user Holger Zürn
Holger Zürn
Data Protection Officer

+49 (7151) 369 00 - 284

Benefits
Information
Options
General Data Protection Regulation
Benefits
vorteile
Flexibility
In any case, we enable you variable contractual arrangements according to your requirements!
Security
By working together with external data protection experts from audius, you give your employees security and peace of mind in handling confidential data!
Experience
Thanks to regular training and findings from other companies, you can entirely rely on the expertise of data protection specialists from audius!
Neutrality
By opting for an external data protection officer from audius, you avoid conflicts of interest. A neutral view of your company is guaranteed!
Averting fines
Data protection experts at audius ensure your company compliance with data protection regulations. So you comply with provisions of GDPR and avoid fines by the data protection authority!
Expertise
audius employees have the necessary data protection training as well as all necessary documents and templates. It means they are immediately ready for action as advisors or data protection officers without any training period!
Normaler Abstand nach oben
audius | GDD Mitglied
https://www.gdd.de/
audius | BvD Mitglied
https://www.bvdnet.de/
Informationen
informationen
audius | data protection audit
How audius can help your company with data protection

You can benefit from our data protection expertise in many ways. At first, we carry out a data protection audit. You will then know the level of data protection at which personal data processing is carried out in your company and with service providers you have commissioned.Based on these principals, we support you in planning and organising further steps towards a seamless data protection management system.

Ist kein Erfahrungsbericht
Text links & Medien rechts

This should contain the following components:

  • Complete and error-free documents for accountability in accordance to GDPR
  • Overview of existing processes within the company involving personal data
  • Comprehensive overview of specific data protection issues which are still to be addressed in your company

If your company is obliged to appoint an internal or external data protection officer in accordance with GDPR, we are happy to provide you our advice and support on request.

The data protection audit

The procedure of data protection experts at audius consists out of basic steps:

  • Basic workshop
    • Protection needs analysis
    • GAP analysis
  • Documentation on the current status of data protection
    • Recommendations on how to proceed

At first, we evaluate in a basic workshop together with the customer, the client's established concepts and specific solutions in terms of data protection - and where may still be need for action. Among other things, we clarify with the data protection audit which processes the client has (protection requirement analysis) and which categories of data are being processed. The legal, technical and organisational measures taken by external service providers, in context of commissioned processing, are also put to the test. 

A written documentation of the most important audit results about the current data protection status is then sent to those responsible in the commissioning company. The time and effort required for this basic version of data protection audit is approximately five man-days. 

In step two, the documentation serves as a starting point for all possible further measures to improve data protection. Depending on the needs identified, audius will prepare a detailed offer to support the implementing open points. The focus is primarily on two topics.

audius | Data protection
Data protection officer

As soon as at least 20 employees are permanently involved in automated processing of personal data - i.e. using IT systems – the company must appoint an internal or external data protection officer, according to BDSG. We, here too, can assist you on request by providing an external data protection officer or by supporting your in-house data protection officer with advise.

Ist kein Erfahrungsbericht
Text rechts & Medien links
audius | Datenschutz

The main task of the data protection officer is to inform those responsible in the  company about the requirements of the Federal Data Protection Act and other data protection regulations, as well as advise them on their implementation. Further, compliances with the applicable data protection rules are monitored. The data potection officer is reporting directly to the management and is not subject to directives. An external data protection officer must meet two statutory requirements: sufficient expertise in data protection and reliability. Our employees fulfill both requirements to the highest standard.

Ist kein Erfahrungsbericht
Text links & Medien rechts
What options do companies have in appointing a data protection officer?
optionen

External data protection officer

Let one of the audius experts handle the job!
The simplest way to fulfill your company's data protection obligations is to commission an external data protection officer. At audius, the data protection experts know the relevant laws down to the last detail.

They can also show you the best ways to optimize your data processing methods in line with such legislation and avoid related fines. Depending on your company's size and how its data landscape is structured, the external data protection officers may only need a few days each year to ensure your compliance with the BDSG.

With audius taking care of things for you, you’ll no longer need to worry about data protection, and your employees will see only a minimal increase in workload.

Internal data protection officer

audius will bring your company up to speed with the BDSG!
If your company has the necessary resources at hand, appointing an internal data protection officer may be the better option. The time it takes an employee to handle the tasks this position involves depends on the scope of the data protection processes at your company.

Meanwhile, the necessary basic expertise can be acquired in standardized seminars offered by TÜV, IHK, and other German institutions. In practice, however, internal data protection officers often run into specific issues they are unable to handle without assistance.

This is where data protection consultants from audius come in: They'll leverage their expertise to give your data protection officer added confidence and provide support as you optimize your processes. You’ll then be able to rest easy knowing that your internal data protection officer has all of his or her tasks well in hand.

Review of websites under data protection law

The transparency and openness are essential characteristics of our work. Therefore, we would like to point out that a service company such as audius cannot create or prepare required ‚website data protection information‘ in a legally and secure manner.

audius | Datenschutz
What we can do
  • Website: Examinate aspects of data protection and telemedia law by drawing up a list of facts and, if necessary, a catalog of measures. We can only issue the required declarations with subject to certain reservations. These are described in more detail below.
  • Content management system: Assistance in selecting a CMS which enables the technical requirements for a legally compliant operation of your website. It particularly concerns the storage and processing of personal data within cookies.
  • Social media platforms: Advice on data protection and telemedia law as well as technical design requirements for the integration of "share buttons" on your website.
Ist kein Erfahrungsbericht
Text rechts & Medien links

Necessary reservations

  • We can only evaluate what we discover. If relevant data processing in connection with data protection is hidden "deep in the source code" of a website, we cannot guarantee identifying it independently. We will require your cooperation or the cooperation of your web agency.  
  • Internet applications are highly dynamic. However, our website audits can only be snapshots. Many service providers - often from the USA - reserve the right to offer their services in the future under different conditions in terms of data protection.
  • Many common web technologies can process data in an illegal manner. We would  inform you if such applications are being used on your website. You would have to weigh up the risks yourself as to whether and under what conditions you want to continue to use such services.
The General Data Protection Regulation (GDPR)
dsgvo

On 25 May 2018, the General Data Protection Regulation came into force across Europe. It ensures consistent data protection law within the European Union and demands high fines in the event of violation. In Germany, the Federal Data Protection Act (BDSG) has enforced the European guidelines. 

Since GDPR came into force, data protection has been a major issue all over the companies. It is, the data protection-compliant recording and processing of any personal data, which involves some effort. In many companies it can hinder day to day business processes. 

audius dealt with data protection at an early stage, so we can provide you with optimum support. Our aim is to automatically integrate data protection requirements into your companies processes. It would ensure smooth processes in your day to day business so you can fully concentrate on your actual work.

Essential data protection issues are:

  • Wide-range responsibility of the management
  • Effective enforcement of the data protection law through high liability and fines
  • Privacy by Design / Privacy by Default as basic principle in data protection law 
  • Data protection impact assessment
  • Extensive duty to report data breaches
  • Extensive documentation and verification regulations - keyword Data Protection Management System (DSMS)
  • Persons rights
  • Important role of the data protection officer

The time to update data protection in your company is now ! Inspections by the supervisory authorities are in full operation. Ignorance is no excuse.

 

Contact
kontakt

If you would like to bring your company website and personal data processing in line with GDPR, please contact us.