External data protection officer
for your company in Germany

The law in Germany stipulates the appointment of a data protection officer (i.e. data protection official as defined in the Federal Data Protection Act) for companies with more than nine employees – which is increasingly being checked by the authorities. This task can be assumed by an employee, who must be correspondingly trained and receive continuing education as well as be exempted from his/her actual job duties to perform data protection tasks. Due to this expenditure, the appointment of a legally and technically skilled expert as external data protection officer is advisable for the great majority of all corporations and locations of international companies in Germany.

Duties of an external data protection officer

Our external data protection officer ensures that the legal data protection requirements are fulfilled in your company. These tasks include, for instance, general management consultation in matters of data protection, the training of employees as well as the regular supervision of technical and organisational implementation of data protection within the company. Furthermore, the external data protection officer is a constant point of contact for employees and other parties involved. According to need, our external data protection officers also offer services such as conducting the preliminary inspection, managing the procedures directory, creating the data protection policy and reviewing it annually to ensure it is up-to-date.

Our years of experience as external data protection officers and a sophisticated rating system allow you to look forward to each officer inspection.

Our data protection experts

  • Experienced lawyers

    The activeMind AG consultants are fully qualified lawyers with at least five years of professional experience. We know all legal aspects that the authorities especially focus on during audits.

  • Technical expertise

    The experts at activeMind AG have a profound understanding of the IT sector. We do not only know what you must to do, we also know how.

  • Current templates

    The activeMind AG employees have many years of training experience at the Munich IHK, in companies and in the public sector. We possess all the relevant equipment and templates.

  • Optimised processes

    The lawyers at activeMind AG have been appointed as external data protection officers in numerous companies. We have greatly standardised and optimised all audit and consulting processes.

Costs of a data protection officer in Germany

Our external data protection officer work together closely with the employees in your company. The expense is highly dependent on the division of labour between the data protection officer and the contact people in the company. Therefore, activeMind AG offers three data protection packages:

  • Data Protection Basis

  • Compliance with the minimum legal requirements
  • No compliance with additional regulatory standards
  • No active data protection management
  • Data Protection Business

  • Compliance with the minimum legal requirements
  • Compliance with additional regulatory standards
  • No active data protection management
  • Data Protection Management

  • Compliance with the minimum legal requirements
  • Compliance with additional regulatory standards
  • Active data protection management
Data Protection Basis Data Protection Business Data Protection Management
Appointment of a data protection officer
Activity reports 1 x annually 2 x annually 2 x annually
Status discussion(s) 1 x annually
(Telephone/Skype)
2 x annually
on-site
2 x annually
on-site
Regular data protection newsletter for the responsible person in the company
Support on any number of inquiries relevant to data protection Per inquiry ≤ 15 minutes Per inquiry ≤ 30 minutes per inquiry ≤ 60 minutes
Training any number of employees at the corporate headquarters 1 x annually 2 x annually
Access to the online-training portal for a maximum of 50 employees
Processing directory 5 processings/year 10 processings/year 20 processings/year
Information obligations according to Art. 13, 14 GDPR (NEW from May 2018) For 5 processings/year For 10 processings/year For 20 processings/year
Review of the privacy policy and imprint on the website (without a shop) 1 x annually 1 x annually 1 x annually
Draft IT usage guideline
Data protection impact assessment (implementation consultation and monitoring) (NEW from May 2018)
Commissioned processing: Contract inspection and review (not on-site) 1 service provider/month 2 service providers/month
Draft retention and deletion policy
Draft emergency policy data breach
Draft data protection policy
Draft authorization allocation guideline
Draft commissioned processing guideline
Draft guideline on data-subjects’ rights
Human resources: diverse templates, fact sheets, checklists
Draft risk analysis guideline (NEW from May 2018)
Draft data protection guideline + manual (NEW from May 2018)
Data protection process control
Conducting internal audits with reports 1 x annually

Form for a free inquiry

Simply send us a little information on your company so that we can create an individualized and unbinding offer for you. We will contact you immediately!

Please share the following information to receive a personal offer:

0 + 3 = ?

Satisfied activeMind AG customers