Data Protection for Businesses

Erfahrungen & Bewertungen zu DataGuard

Request a non-binding offer. We will determine your company’s privacy requirements and associated costs.

You can object to the use of your e-mail address at any time. For further information, please refer to our privacy policy.

[honeypot fc_website_h]

Transparent monthly prices over expensive hourly rates

Cooperations | Memberships

  • Basic
    LOW Privacy requirements





    150 € p/m Learn more
    Get an Offer
  • Medium
    MODERATE Privacy requirements

    Advertising agencies

    Industrial enterprises

    Construction/Real estate

    Travel, Tourism, Hotels

    250 € p/m Learn more
    Get an Offer
  • Medium+
    High Privacy requirements

    Doctors, Pharmacists

    Lawyers, Consultants

    Online stores

    Small IT companies

    350 € p/m Learn more
    Get an Offer
  • Premium
    VERY HIGH Privacy requirements

    Finance companies

    Employment agencies

    Software/Platform solutions

    Companies with 1-150 employees

    500 € p/m Learn more
    Get an Offer
  • Corporate
    INDIVIDUAL Privacy requirements



    Publicly listed companies

    Umbrella organisations

    As required Learn more
    Get an Offer
2-months satisfaction guarantee
You should be satisfied with our support as an external DPO. Only then should you give us your trust for the full contract period.
BAFA subsidy
Our audits are eligible for at least a 50% reimbursement by BAFA. We’ll guide you through the application process.
Detailed Overview
Medium +
GDPR basic protection
Appointment of your Data Protection Officer
Notification of your Data Protection Officer to the supervisory authority
Personalized privacy policy for your website, webshop, app, platform
Data protection dossiers with technical and legal updates
Annual activity report to the Management Board
DataGuard seal for the website and for branding
Employee commitment to the principles of the GDPR
Employee training courses (digital)
Number of employees covered in the training (via the DataGuard platform) 1-50 pax 1-75 pax 1-100 pax 1-150 pax
Data protection audit
Data Protection audit (data protection assessment)
Analysis based on intelligent questionnaires (digital)
Audit calls with DataGuard’s Data Protection Officers
Audit minutes and prioritized recommendations for action
Number of supported Data Protection Impact Assessments (DPIA) 1 2 4
Data Protection documentation (prepared by DataGuard)
Preparation of Technical and Organisational Measures (TOM)
Documentation of standard processes without company specific data processing activties (e.g. personnel, purchasing, video surveillance)
Number of business units of core processes with documentation of company-specific data processing activties (e.g. gastronomy, medical treatments, car repairs) 1 business unit 2 business units 4 business units 6 business units
Additional consultation hours included in the service package – flexibly applicable for e.g.: 6 hours per year 12 hours per year 18 hours per year
Processing of data subject enquiries or queries by the authorities
On-site support for inspections by the authorities or external parties
Checking the data protection compliance of software and hardware
Duty to provide information pursuant to Art. 13 and Art. 14 GDPR
Preparation of a customized deletion concept
Data Processing Agreements (DPA)
Preparation of DPAs which the customer distributes to suppliers and external partners 5 DPAs per year 10 DPAs per year 15 DPAs per year
Checking DPAs which the customer receives from their customers and external partners 5 DPAs per year 10 DPAs per year 15 DPAs per year
Special services in Medium+ and Premium
Printing and delivery of a data protection folder with relevant information and templates
Personalized and industry-relevant training for the management team and other departments (digital)
Company-specific data protection analysis with personalized questionnaires and follow-up telephone calls 2 per year 4 per year
Data protection audit (one-off price)
All prices are net 1.000 € 1.600 € 2.200 € 3.000 €
Contract period (months) 24 24 24 24
Angebot Erhalten
Choose your industry

We support you on your journey towards GDPR compliance

  • Industrial and Manufacturing
  • Craft and Construction
  • IT
  • Finance and Legal
  • Media and Entertainment
  • Healthcare
  • Corporations
  • Churches
  • Public institutions

Your data protection team for Industrial and Manufacturing

With our expertise in the industrial and manufacturing sectors, we will support you in the processing of personnel and customer data in a GDPR compliant manner. We will assist you in the transfer of data to third-parties such as suppliers and sub-contractors. With DataGuard, you can guarantee data protection for your clients.

Dr. Patrick Schweisthal
Dr. Frank Schemmel
Ashraf Malik
Andreas Riehn
Robert Mäckle

Your data protection team for Craft and Construction

Whether working with property management companies, transferring data to sub-contractors or dealing with WhatsApp, we are familiar with the challenges faced by the craft and construction industries. Pragmatically and in a manner that is solution-oriented, we will support your company on its journey towards GDPR compliance.

Dr. Teßmar von Bonin
Maren Wienands
Patrick Schnitzer
Ashraf Malik
Dr. Hans-Georg Schaefer

Your data protection team for IT

In the IT industry, the processing of personal data is integral. We provide the expertise from cross-border data transfers to the privacy application of software tools. We support you with data protection issues regarding remote maintenance and access.

Robert Mäckle
Celine Gündüz
Janis Junker
Ashraf Malik

Your data protection team for Finance and Legal

The protection of personal data in the finance and legal sectors poses particular challenges: As a bearer of trade secrets, companies often processes sensitive data. In addition, individual EU members states have their own derogations of the GDPR. We provide business-focused data protection advice and help you make informed decisions.

Dr. Frank Schemmel
Andreas Riehn
Dr. Hans-Georg Schaefer
Dr. Patrick Schweisthal
Boris Otterbach

Your data protection team for Media and Entertainment

In the communications industry, processing high volumes of personal data is part of the job. But to whom can you send marketing communications? How can old e-mail address lists be used in the new GDPR era? We have the answers for your business and will provide pragmatic support as an external Data Protection Officer.

Janis Junker
Andreas Riehn
Celine Gündüz

Your data protection team for Healthcare

The medical and healthcare industry carries many risks with the processing of personal data. We help you deliver on your business objectives while navigating the complaint handling of special-category data.

Dr. Hans-Georg Schaefer
Celine Gündüz
Maren Wienands
Konstantin Greif
Dennis Gurewitsch

Your data protection team for Corporations

In the international networking of corporations and corporate groups, the legally compliant handling of personal data can be difficult to manage, especially when dealing with third countries. With our expertise in data protection for international companies, we understand the challenges you face and will support you in implementing the appropriate technical and organisational measures required by the GDPR.

Dr. Frank Schemmel
Maren Wienands
Dr. Hans-Georg Schaefer
Janis Junker
Andreas Riehn
Robert Mäckle

Your data protection team for Churches

We are your experts in the implementation of the KDG, the KDG-DVO, and the DSG-EKD. We are at your disposal for all data protection related questions and will serve as your IT-security guide for day-to-day church activities.

Tobias Schweizer
Dr. Teßmar von Bonin
Boris Otterbach
Dr. Hans-Georg Schaefer

Your data protection team for Public institutions

Public institutions carry a special status under the GDPR and the BDSG which comes with added complexities. In addition, there are EU member state-specific legal requirements to which public institutions must comply. As experts in this field, we provide you with comprehensive data protection support.

Dr. Hans-Georg Schaefer
Boris Otterbach
Dr. Patrick Schweisthal
Tobias Schweizer
Dennis Gurewitsch

Everything within your control

In a continuous exchange, we will work together via an intelligent web platform. The platform is intuitively comprehensive and has no barriers to usability. All information related to your company’s data protection can be accessed at any time via a dashboard.

Our platform is, of course, subject to the highest security standards. All information is protected against unauthorised access via a trusted cloud. Our cloud not only complies with applicable security regulations but also maintains our own high standards of IT and data security.

Take us on a tour of your company

In order to get an overview of the structure and processes of your company, we will perform audits with various departments within your company and address their respective personal data processing procedures.

Each department representative will use our web platform to provide specific information on the department’s operations.

Our platform learns quickly, so it will only ask questions that are relevant to your business.

The GDPR folder

When all the audits are completed, we will prepare your data protection dossier. In the course of the assessment, you will receive concrete recommendations for action, a list of your records of processing activities as well as the documentation of your technical and organisational measures (TOM).

You can retrieve the entire report at any time via the platform and present it to the authorities. If required, we will prepare a Data Processing Agreement (DPA) with which you may use to oblige your service providers to protect the data they process.

Recommendations for Action

During the ongoing cooperation, we will support you in the implementation of the technical and organizational measures (TOM). We will make adjustments and further recommendations where necessary.

You will receive a comprehensive activity report from us for the services and measures that have been performed, which can also be presented to the authorities.

We will coordinate concrete data protection goals with you and prepare a data protection guideline for your company.

Continuous support and cooperation

DataGuard is your partner for all data privacy related questions and challenges. Stand ready to report to regulators, answer to data subjects, and fulfill obligations to stakeholders.

Our platform and team of data protection experts enable structured privacy management through continuous monitoring of your processing activities. We provide legal expertise, assist in step-by-step implementation, and simplify the GDPR into a series of accessible steps.

About DataGuard

DataGuard is a privacy and legal-technology company headquartered in Munich, Germany. At DataGuard, we house over 100 employees who are passionate about privacy, compliance and IT security. Well over 1,000 business customers place their trust in our “Privacy-as-a-Service” solution, a hybrid of client consultation and the provision of our self-developed Software-as-a-Service platform. In addition to small and medium-sized enterprises, our customer portfolio also includes major international corporations (industrial, finance and trade), political parties, schools, sports clubs, as well as churches and public institutions.

An interdisciplinary team of TÜV/DEKRA certified Data Protection Officers, including lawyers, computer scientists, engineers, and business economists, provide personal support to both our German and international clients on the subject of privacy and IT security. The process of consulting our clients is supported by the use of our web platform which digitizes and automates manual activities and processes data with machine learning (the software’s patent has been submitted to the European Patent Office under the reference number Q0144EP). The platform is used by both our customers and our privacy team.

  • 1.500+ KUNDEN
  • 430+ STÄDTE


Abberior Instruments GmbH Abberior GmbH Autoglas Profi GmbH G. Stürzer GmbH Eckstein GmbH Hop Lun GmbH OneFID GmbH arculus GmbH Gravning GmbH VS Qloud Solution GmbH Orientis (Deutschland) GmbH RightNow GmbH Innung für Elektro- und Informationstechnik München brandwerk GmbH Hosokawa-Alpine AG St. Aurelia GmbH Mr Beam Lasers GmbH Martin KFZ-Technik GmbH WIWA Wilko Wagner GmbH Verwaltungsgesellschaft für Haus- und Grundbesitz Hammele & Partner mbh Cloud Solutions GmbH realbest Germany GmbH AURICON Audit GmbH Wirtschaftsprüfungsgesellschaft Cheerleading und Cheerperformance Verband Deutschland e.V. WIRA Fahrzeug- und Maschinenteile GmbH Microfluidic Chipshop Fertigungstechnik Wettringen GmbH Grand Excelsior Hotel München Airport deal Neudahm Hotel Interior Design GmbH ZST Security Service Consulting and Technology GmbH Freework GmbH Deutscher Bogensport-Verband 1959 e.V. VITZTHUM Projektmanagement GmbH Enduran GmbH Hotel VICTORIA Theodor Schuler GmbH & Co. KG machineering GmbH & Co. KG Industriepark Werk Bobingen GmbH & Co.KG Praxis für Ergotherapie Georg Weißlein Mitchell Consulting Inh. Robert Mitchell Autohaus HEINEMANN GmbH Medical Personalvermittlung e.K. Harald Hilgers Transporte e.K. Tensar International GmbH Gastro One GmbH & Co. KG Bruderherz GmbH Jahn Transprt A-TEX Germany GmbH Catella Real Estate AG HiQ Projects GmbH Druckluft Schmitz GmbH NovaStor GmbH Hotel Adlerbräu GmbH & Co.KG A-Z Objektservice Gmbh & Co. Kg Schottenhamel und Lechner GmbH ArangoDB GmbH Manfred Lehmann Innenausbau GmbH DEHOGA Nordrhein e.V. ETH – Elektrotechnik Hämmerle LAMBDA TECHNOLOGY® Gesellschaft für thermische Prozesse mbH GPEP GmbH Mateco GmbH Höfler GmbH FIPA GmbH mimi Kinder- und Seniorenstiftung Anton Puckrandt Heiz- und Betriebskostenabrechnung GmbH S&T Versorgungstechnik GmbH Sanitätshaus Fuchs+Möller GmbH Praxis für Ergotherapie Birgit Stadler PEB. Praxis für Ergotherapie Udo Streit SofaCompany GmbH oelheld GmbH Gerfer Recycling GmbH Ergotherapie Gerolstein Industrievertretung Friedel Baumann GmbH LEVELS GmbH & Co. KG Ralf Brill Engineering GmbH Freizeitbetriebe Worms GmbH Praxis für Ergotherapie Martin Leon u. Andrea Haben Energietechnik Südwest GmbH Geospin GmbH IMR Deutschland GmbH Fressnapf Gallafilz Retail GmbH Pro-Care-Ruppin Seehotel Heidehof GmbH Becotec Fahrbahnsanierungen GmbH luna-park GmbH Fischer u. Schweiger GmbH PreciPoint GmbH Wissensfabrik – Unternehmen für Deutschland e.V. Reesink Schwerstapler GmbH BSB I Bussche – Şahin – Bülow – Rechtsanwälte Insolvenzverwalter Dialoglotsen GmbH LiveCycle GmbH Ergotherapiepraxis Scheuer Landleben am Vilser Holz GmbH In Familia GbR Mayer Schaltechnik GmbH Kannegiesser Spedition GmbH Spedition Eder GmbH & Co. KG DADI – Service GmbH Auto Walther e.K. Bernhart ConsKom GmbH & Co. KG Steuerkanzlei Hollfelder LQB² Das Lernzentrum für Qualifizierung, Bildung und Beratung GmbH Hotel Bornmühle GmbH & Co.KG Ergotherapiepraxis Hillebrecht & Sanders KSW Reinigungssysteme Vertrieb und Service GmbH Druckerei Hirschfelder Gonotec GmbH Sägen-Mehring GmbH Praxis für Zahnheilkunde Dr. Christoph Wenninger und Dr. Sebastian Helgert Intracon Marketing Services GmbH Bosic GmbH MITEC Industrietechnik Vertriebs-GmbH Hotel Forsthaus Nürnberg/Fürth GmbH & Co.KG TourComm Germany GmbH & Co. KG Ergotherapiepraxis Achatz inovel elektronik GmbH Autohaus Meißner & Zahn GmbH Sit&Watch Media Group GmbH insolutions GmbH Alfra GmbH Relocately GmbH Butz und Staab SALT communications GmbH Artis Service-Wohnen GmbH Praxis Ergotherapie GbR M. Siems u Stefanie Schenk-Simon Mobiler Tiernotdienst 24 Advisa Personal GmbH Fotogeräte-Service Nord GmbH mertes personalservice GmbH Ergotherapeutische Praxis Christa Middendorf Chapman Freeborn Airmarketing GmbH Sprachtherapie und Logopädie Anja Bartels BRICKA Personaldienstleistungen GmbH FS eCommerce GmbH MUNSCH Chemie-Pumpen GmbH
IEM FörderTechnik GmbH Visco GmbH FELLGUTH FUCHS GELLING Partnerschaft von Steuerberatern mbB Profilbleche Dührkop GmbH Landhotel Voshövel GmbH Gemino GmbH Physio- & Ergotherapie Peggy Hoischen KFD Baden Württemberg UG DBRD Akademie GmbH Hauskrankenpflege Martina Stolley Erich Weit GmbH Praxis für Ergotherapie und Logopädie Rudolf Eberlein Praxis für Ergotherapie MaJa GbR KURIS Spezialmaschinen GmbH Primo Holding GmbH Praxis für Ergotherapie Heike Nebelsieck Claus Zollner Immobilien GmbH HMH Heidrich & Müller-Hansen Partnerschaftsgesellschaft Steuerberatungsgesellschaft mbB Zelt-Musik-Festival GmbH Autohaus Beck GmbH balandis real estate ag Oxana Dillmann Luxus BeautyLine Kompetenzzentrum Naturschutz und Energiewende KNE gGmbH Take4Net GmbH Harzer Mineralquelle Blankenburg GmbH ReformPlus GbR Paycult GmbH & Co.KG a plus plus Architektur + Generalplanung + Gutachten GmbH Opium Effect GmbH Treusorg GmbH Steuerberatungsgesellschaft Vaddi Concerts GmbH WIWA Kampfmittelbergung GmbH HSG Harburger Sanierungsgesellschaft GmbH ACHT GmbH Das ZBW Zentrum für Bildung und Weiterbildung GmbH Schmid & Wezel GmbH ncn ImmobilienManagement GmbH Gral Systeme GmbH Energiezentrale Sachsen-Anhalt GmbH Bearpaw-Products Bogensport-Bodnik GmbH Perlen Packaging GmbH, Müllheim RK Siebdrucktechnik GmbH FINDEISEN GmbH Osenstätter GmbH domatec GmbH KEBOS Kessel- Boiler- Technische Anlagen Service GmbH Wirtschaftsclub Düsseldorf GmbH Struck Turbotechnik GmbH Autohaus Eichfeld GmbH Tombow Pen & Pencil GmbH Gemeinschaftspraxis Dr. med. Peter Maier und Dr. med. Heiko Weerda Futtermittel Louven e.K. PIN Privates Institut für Investitionsmanagement GmbH BEUTLER VERPACKUNGSSYSTEME GmbH kothes GmbH K & K Gilsenbach GmbH SETG GmbH Niederlassung Deutschland Haus am Mühlenteich gGmbH gardow-logistics SMB Schnekenburger GmbH Vermessungsbüro Schmitt  ÖBV Waffen – Will & Apel GmbH Knappmann GmbH & Co. Landschaftsbau KG Autohaus Dähn GmbH & Co. KG Internistische Gemeinschaftspraxis Dr. med. Karl-Heinz Göttl und Dr. med. Omar Adjan Frische Service-GmbH Gustav Obermeyer GmbH & Co. KG VENTAS SERVICES GMBH BALLCOM GmbH Wilbers Products GmbH ESCON – Marketing GmbH Auto Krasser FAUSER AG Schiermeier & Niermann GmbH Societaetstheater gGmbH Ars Intellegendi GmbH I.B.E. Institut für betriebliches Entgeltmanagement GmbH Werbeagentur VON DER SEE GmbH Manhattan Hotel Frankfurt Deal k-h-t GmbH & Co. KG Christian Thieme Greiner GmbH Membran Entertainment GmbH PAN+ARMBRUSTER GmbH Kupfer Betreibergesellschaft für Fitness & Freizeitanlagen GmbH & Co. KG Autocentrum Engin GmbH Christof Wegner Güterkraftverkehr GmbH PENTAC Polymer GmbH IWT Wirtschaft und Technik GmbH Arena Berlin Betriebs GmbH Hamburger Stadtrundfahrt – Die Roten Doppeldecker GmbH Grünkauf System GmbH HP Enders Umweltservice GmbH Hotel – Restaurant  Fuchsbau Betriebsgesellschaft mbH HAHN Lamellenfenster GmbH Praxis für Zahnheilkunde Thomas Nordbruch Radiometer GmbH Toni Technik Baustoffprüfsysteme GmbH Penning Sanitär GmbH & Co. KG Ökolectric-Haus Ehmann GmbH item Media GmbH Inovatools Eckerle & Ertel GmbH Fritz-Bender-Stiftung Die Online Experten 4u GmbH Dast GmbH & Co KG Gebr. Kopp GmbH & Co.KG Anger Systemtechnik GmbH admixx GmbH – Mühlacker Cloud Consulting Group GmbH Dresdner Stadtrundfahrt – Die Roten Doppeldecker GmbH Lübbe Transport & Logistik GmbH Neurologische Gemeinschaftspraxis im Bienenkorbhaus Mahlwerck Porzellan GmbH prisma plan ing. GmbH Wilh. Schmitz GmbH Maschinen und Apparatebau Zirngibl Bestattungen GmbH PsychoLogik Marktforschung GmbH SAAZOR WÄLZTECHNIK ZORN GmbH u. Co. KG Sweetware GmbH & Co. KG AUTEC GmbH & Co. KG Bertram GmbH Ingenieurbüro Theo Erb GmbH Eisenmann intec GmbH & Co. KG MIXACO Maschinenbau Dr. Herfeld GmbH & Co. KG Praxis Projekt KG ISOTEC-Fachbetrieb Abdichtungstechnik Schiefelbein GmbH & Co. KG JOI-Design Innenarchitekten A D joehnk + partner mbB Helma Interior Draht-Hemmer Betriebs GmbH Reisebüro & Busunternehmen Belitz Talent Garden GmbH GFD Gesellschaft für Datenverarbeitung mbH Elastique. GmbH Drehmoment – Agentur für kreatives Marketing GmbH Senic GmbH Facharztpraxis für Oralchirurgie und Implantologie PSi Laser GmbH
BIOMES NGS GmbH Liqmatic GmbH Böhnleins Partyservice GmbH ACBIS GmbH Pflegehof Domersleben GmbH & Co. KG dt druckluft-technik Langer & Pfeil GmbH LF Consult GmbH Rollo Solar® MELICHAR GmbH Camping-Center Klein GmbH Baltes GmbH Pfefferminzia Medien GmbH Messegrafik & Messebau Schreiber Tierheim Carl Hildebrand & Tierschutzverein Kaiserslautern und Umgebung e.V. Gehling  Flugtechnik GmbH Pientka GmbH Narr Francke Attempto Verlag GmbH + Co. KG MKM BRANDSCHUTZ – Ingenieurbüro für Brandschutz Kittner-Meier dataREAL Meßtechnik GmbH Winfried Werne Immobilien GmbH STELLA Kunststofftechnik GmbH Lingua-World GmbH atb Systemetiketten GmbH & Co. KG Spreespeicher Event GmbH DW-STORE Inh. Matthias Schalk konzepta REAL Gebäudemanagement GmbH IPM Institut für persönlichkeitsorientiertes Management GmbH Satherm GmbH pacoon GmbH Ingenieurgesellschaft Hellmich + Partner mbH facilioo GmbH IP Zollspedition GmbH Augenarzt Dr. med. Rainer Volz Mainblick – Agentur für Strategie und Kommunikation GmbH Apo Care GmbH Bund der Selbständigen Baden-Württemberg e.V. Hotel im Krummbachtal Kahl GmbH & Co. KG Fernwärmegesellschaft  Baden-Württemberg mbH Dorn Biervertriebsges. mbH G.O.L.F. – TIME Verlag GmbH VH24 GmbH Hausverwaltung Schlütter GmbH WELTER zahnrad GmbH GESRA Gerätebau GmbH iPoise Unternehmergesellschaft Axel Zangenberg GmbH & Co. KG Industrieverband Hamburg e. V. Caterwings Services GmbH Huber GmbH Specht Fleischwaren Vertriebs GmbH & Co.KG ABH Stromschienen GmbH SKI GmbH + Co.KG taskhopper Service für Menschen GmbH Weier Antriebe und Energietechnik GmbH Wind GmbH Otto Glas Handels GmbH Montagebau Hartmann GmbH M&K Gewürze und Wertstoffe GmbH Lavanda Verlags-und Marketing GmbH Kurzentrum Soziales Genesungswerk Pelzerhaken (Ostsee) e.V. K. Gerdes GmbH FILCOM GmbH Deutscher Verband der Ergotherapeuten e.V. CGS – Computer Gesteuerte Systeme GmbH ROHDE CLEAN GMBH ABD Media GmbH Schindelar Center Autoverwertung GmbH Vermeer Deutschland GmbH Autohaus Südring Datteln GmbH AviaFund Solution Services GmbH Nutzfahrzeuge Hasselfelde GmbH mediatack GmbH Landhotel Huber am See kapilendo AG JMT Mietmöbel Deutschland GmbH & Co.KG HR-Recruiting Services GmbH HANN & KROPP Consulting GmbH & Co. KG Eugen Hensle Ordnungs- und Zuführtechnik GmbH DEDERICHS & REINECKE Public Relations GmbH & Co. KG COREDINATE GmbH Clearwater International GmbH A & T Immobilien GmbH RHMD Reimer Hausmeisterdienste AKS-Messtechnik GmbH Alpu GmbH AKO Armaturen & Separationstechnik GmbH Sandmaster GmbH TIERÄRZTLICHE GEMEINSCHAFTSPRAXIS C. HAAGS & A. RAPP, GBR W.u.E. Rau GmbH AWO Sozialstation Rems-Murr gGmbH B&K Lettershop Kröger GmbH & Co. KG OTTO DÜRR KG Life Fitness Europe GmbH LC Liegenschaft Consulting GmbH KORODUR Westphal Hartbeton GmbH & Co. KG Klokow Industrietechnik GmbH item GmbH press & mail euprax Perchtold & Partner Steuerberater Rechtsanwälte PartG mbB Elektro Bömelburg GmbH ADCOLE GmbH Taxi-Kasiske Wallek&Geser Spezialtransporte GmbH. Zweckverband zur Trinkwasserversorgung und Abwasserbeseitigung Torgau – Westelbien apero GmbH Arbeitsgemeinschaft für Pharmazeutische Verfahrenstechnik e. V. (APV) AviaRent Invest AG Bauunternehmung M. Grundner GmbH NSG Net Solution GmbH Möller-Preussler Transformatoren GmbH Leonardo Personal-Konzept GmbH Internetvertrieb Michael Bergs Grüner Store – Jörg Grüner Escape Clothing GmbH EPUTEC Drucklufttechnik GmbH Elektro Scheuermann GmbH & Co KG E. Geiger GmbH Druckhaus Stil BS-Concepts GmbH 1/2/3 Autoteile GmbH & Co. KG Projektwerkstatt, Gesellschaft für kreative Ökonomie mbH Rochus Mummert Beteiligungs- und Dienstleistungs GmbH Alltech Dosieranlagen GmbH Theiml Personal-Service GmbH Tierärztliche Praxis für Kleintiere Scharnhorst GmbH Aximpro GmbH BEDRA GmbH Mashup Communications GmbH Jürgen Girrulat Hausverwaltung GmbH IQS International Quality Service GmbH Intermove GmbH eviom GmbH eticur) GmbH ethinking GmbH Erich Scheerer GmbH EMENDO Event + Congress GmbH & Co. KG BUCH&media Ergotherapie Zschoge GmbH

FAQs – Frequently Asked Questions

  • Subject Matter
  • Contract
  • DataGuard
  • GDPR
  • How do the employee training courses work?

    Your employees will be trained online via the DataGuard platform. They will initially learn the essential topics on data protection and complete a test thereafter. If the test is passed successfully, the respective employee will receive a certificate. Otherwise, the employee may attempt the test again. Each employee will take approximately 30-45 minutes to complete the course.

  • How do the audits work?

    We will carry out the initial data protection audit (the GDPR assessment) with you online and via telephone. First, you and your department representatives will complete a range of questionnaires based on their respective departments (procurement, finance, human resources, sales, IT, security) and provide us with information on your company’s specific data processing activities (or so-called “core processes”). Your personal Data Protection Officer will evaluate the completed questionnaires and speak to each department representative via phone. After each audit call, DataGuard will prepare the corresponding minutes which will be shared with you.

    Based on the audit, we will produce recommendations for action as well as all the documents required under data protection law (records of processing activities, Technical and Organisational Measures).

  • Who creates the data protection documentation?

    Each controller (a natural or legal person which determines the purposes and means of the processing of personal data) or processor (a natural or legal person which processes personal data on behalf of the controller) is responsible for creating data processing documentation.

    This data protection documentation, consisting of the records of processing activities and the Technical and Organisational Measures, is prepared jointly by you and your DataGuard Data Protection Officer (DPO). We go beyond the legal obligations of a DPO, as the law only specifies for the DPO to provide information and advice.

  • What is the difference between a standard processing activity and a company-specific processing activity?

    The standard processing activities are secondary processes in a company (e.g. in procurement, finance, human resources, security, sales). The company-specific processing activities represent the value-adding core process of a company.

    We prepare the data protection documentation for all these processes in the records of processing activities based on the information you provide during the data protection audit.

  • What are the Technical and Organisational Measures (TOMs)?

    TOMs refers to all activities that are carried out as a standard procedure in an organisation in order to protect personal data. The term is very broad and can mean different things in different companies. As the name suggests, these measures are technical procedures and organisational processes inclusive of security procedures (both offline and online). The TOMs of an organisation must be documented in the records of processing activities and be used to company with the applicable GDPR requirements.

  • Which companies are required to maintain a records of processing activities?

    Companies with 250 employees or more must maintain a records of processing. If a company has less than 250 employees, a records of processing would only be necessary if the processing is not occasional, processing carries a high risk to the rights and freedoms of data subjects, processing includes special categories of data, or personal data relating to criminal convictions and offenses is processed.

  • What are Data Processing Agreements (DPA)?

    If data processing operations are outsourced to an external service provider, it is necessary to complete a data processing agreement. The DPA sets out the subject-matter and duration, nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller. Through this contract, the contracting company (the controller) ensures that the other party (the processor) is bound to their obligations.

    Order processing often already exists if, for example, companies have payroll accounting performed by a third-party company or remote maintenance is performed by external IT service providers.

  • What does the Data Protection Impact Assessment (DPIA) do?

    The DPIA is a risk analysis for processing operations that are likely to result in a high risk to the rights and freedoms of natural persons, involve the processing of large volumes of special categories of personal data, include the use of new technologies and profiling / scoring techniques or exercise the systematic and comprehensive monitoring of publicly accessible areas. This assessment is aimed at making it possible for companies to take protective measures for the rights and freedoms of data subjects at an early stage.

  • How can I use the additional consultation hours?

    The additional consultation hours can be can be used for purposes such as data subject inquiries or queries by the authorities, checking documents for employees and customers, verifying the level of GDPR compliance of software/hardware, and for external audits.

  • How much work will data protection compliance present for my company?

    The new data protection legislation often leads to an increased administrative burden and more work in general. However, designating an external Data Protection Officer such as DataGuard will significantly reduce the workload so that your company can focus on its core activities.

  • How do I commission DataGuard?

    After an initial conversation with one of our specialists, you will be recommended a service package that suits your company (Basic, Medium, Medium+, Premium). You may then sign the contract sent to you by email, scan and return it to us via email.

  • What are the next steps after signing the contract?

    We will assign a personal Data Protection Officer (DPO) to you and send you the official certificate of appointment, as well as provide you with access data to our DataGuard web-platform. You will then sign the certificate of appointment and provide us with basic information such as contact persons within your company. We will then prepare the data protection audits, provide the privacy policy for your website, and conduct the employee training courses. Additionally, it will be necessary for you to forward your DPO’s contact details to the relevant supervisory authority. Please refer to the diagram on our website to view the full journey.

  • When would the contract begin?

    The contract can start on the 1st or 15th of each month.

  • What is the duration of the contract?

    The contract period is 24 months. The contract may be terminated with an advance notice of 6 months prior to the end of the contract period.

  • Can I upgrade my package while my current package contract is still active?

    Yes, you can upgrade a package during the contract period without extending the length of the contract period. However, please note that a downgrade is not possible.

  • Is it possible to book additional consultation hours?

    You can book individual sessions for 180 € per hour at any time. However, the privacy needs of your company and therefore, the appropriate package would have been determined during the initial consultation. In other words, the number of consultation hours is generally sufficient.

    If necessary, you may upgrade your service package at any time.

  • Who is DataGuard?

    DataGuard is a data protection company headquartered in Munich, Germany. Since our establishment at the end of 2017, we have now grown to 100 employees and have become one of Germany’s leading providers of external data protection. With our self-developed machine learning-driven “Privacy-as-a-Service” solution – a hybrid of personal consulting and software-as-a-service – we cater to over 1,000 business customers in more than 400 cities and 300 industries throughout Europe.

    In addition to small and medium-sized companies, our customer portfolio also includes major international corporations (industry, finance and trade), political parties, schools, sports clubs as well as churches and public institutions.

    Our partner network includes some of the largest German industry associations (BVDS, DEHOGA, wvib, BVMW etc.) as well as Deutsche Telekom as a sales partner and IBM as a technology partner.

  • What is DataGuard’s “Privacy-as-a-Service”?

    Personal consultation and support + platform/software support:

    An interdisciplinary team of lawyers, computer scientists, engineers, business economists etc. supports our customers in teams of 2-4 TÜV/DEKRA certified Data Protection Officers who specialize in the fields of data protection and IT security. As our platform/software is used extensively, we do not consider ourselves a consultancy but a legal-technology company with an approach that is scalable both in Germany and internationally.

    The personalized consultation of our customers is supported by a specially programmed web platform. It digitizes and automates manual and repetitive processes using machine learning and processes data input with machine learning, amongst other things. The platform is used by our customers and our team. In June 2018, we filed a patent for our invention with the European Patent Office under reference number Q0144EP.

  • What is DataGuard’s geographical scope?

    We cater to customers nationwide and throughout Europe. Communication takes place primarily via e-mail, phone, as well as on our own specially developed web-platform so that we may advise you anywhere and at any time.

    In a continuous exchange, we will work together via an intelligent web platform. The platform is intuitively comprehensive and has no barriers to usability. All information related to your company’s data protection can be accessed at any time via a dashboard. Our platform is, of course, subject to the highest security standards. All information is protected against unauthorised access via a trusted cloud. Our cloud not only complies with applicable security regulations but also maintains our own high standards of IT and data security.

  • Does the Data Protection Officer have to be on site?

    No. What’s important is that the Data Protection Officer has all the necessary information needed to fulfil their tasks and that they can be directly contacted by the company’s management team, employees, customers as well as by the authorities. We offer all of these services as we can be contacted directly via telephone or email Monday-Friday, 8AM-6PM. The advantage here is that you can avoid on-site scheduling allowing you and your employees to focus on your operational needs.

  • What motivates us?

    Data protection of course! The idea that each and every person expects their data to be handled responsibly.

  • When does the GDPR go into effect?

    The new General Data Protection Regulation (GDPR) has been applicable and binding since 25th May 2018.

  • Which companies must appoint a DPO?

    If a company constantly employs at least ten persons who deal with the automated processing of personal data, the appointment of a DPO is mandatory according to German data protection law. This also includes external service providers such as an external accounting department.

    If a company carries out out processing which is subject to a data protection impact assessment or processes personal data for business purposes for the transmission / anonymised transmission of personal data, or for the purposes of marketing or opinion research, then a DPO must be appointed, regardless of how many employees are involved in the processing of personal data.

  • What competences must a Data Protection Officer have?

    Many companies prefer to name a DPO internally from their existing workforce. However, there are important qualifications that must be considered when designating a DPO.

    A DPO must have the following competencies:

    • Expert knowledge of relevant data protection law: GDPR and national laws (BDSG, TMG, TKG)
    • Legal understanding
    • Extensive technical expertise
    • Knowledge of the IT basic protection catalogues of the Federal Office for Information Security (BSI)
    • Ideally, relevant data protection certifications
    • Reliability and personal integrity
  • Who may not be appointed as a Data Protection Officer?

    The following individuals may not be designated as Data Protection Officers:

    • Managing Directors or General Managers
    • Senior Management (especially management of the IT department)
    • Unqualified or insufficiently experienced persons

    The legislative intent of these restrictions is to avoid potential conflicts of interest and possible sources of error.

  • What are the fines and penalties for a GDPR violation?

    A violation could result in fines of up to €20 million or up to 4% of the total worldwide annual turnover of the previous financial year, whichever is higher. Many violations including the non-appointment of a Data Protection Officer, are considered grossly negligent behaviour. Directors may be held personally liable with their private assets.

    It took less than half a year for the first company to suffer the consequences of the GDPR: The Karlsruhe-based, provider, Knuddels, was fined €20,000 for a security breach. The grace period for companies has expired with the first round of enforcement. Now, supervisory authorities are vigilantly following-up on infringements.


Vielen Dank

für Ihre Anfrage.

Wir setzen uns zeitnah mit Ihnen in Verbindung, um Ihr persönliches Erstgespräch zu terminieren.


Sie erhalten innerhalb weniger Minuten eine Bestätigungs-E-Mail mit allen wichtigen Informationen. Sie sind nur noch einen Klick von Ihrem Erstgespräch entfernt.


Wir rufen Sie zu der vereinbarten Zeit unter der angegebenen Telefonnummer an. Alle Fragen die Sie haben sollten, beantworten wir dann gerne. Wir freuen uns auf das Gespräch mit Ihnen!

Receive a quote immediately. We would also be happy to advise you by telephone.

Buchen sie hier direkt einen Termin mit einem unserer Experten.

Jetzt direkt Termin buchen

Oder senden Sie dieses Formular ab und erhalten erste Informationen. Einer unserer Experten wird Sie daraufhin kontaktieren.

You can object to the use of your e-mail address at any time. For further information, please refer to our privacy policy.

[honeypot fc_website_h]

Get an Offer
49 (89) 442 55062 - 000 bundesweiter Service