Your Partner for
Privacy Compliance
in a Global Environment

Knowledge

Our expertise of many years in privacy spans over different countries and regions across the world, such as the European Union, United Kingdom, Brazil, Mexico, Turkey, China, Thailand, Japan, just to name a few.

Experience

With over 15 years of experience in privacy management and privacy regulations for global companies, our approach is to provide a holistic and individual assessment for privacy requirements of our clients.

Business Focus

By assessing the optimization potential of your existing privacy processes and structures, or by building them for you, we help you to mitigate compliance risks so you can focus on your core business.

Network

Our office is located in the outskirts of Cologne in Germany. We work and collaborate within a network of international firms with highly experienced and certified privacy consultants and lawyers.

Our Services

In Privacy and Data Protection there is no one-size-fits-all solution. While there is a core set of typical requirements that serves as foundation across applicable legislations, each company is different. A robust privacy program requires flexibility to adjust the core of these requirements, and to identify additional company specific needs.

Core Portfolio

Our comprehensive and fundamental privacy risk assessment consists of scrutinizing your existing business processes to identify those with privacy impact. To evaluate risk levels, we take into consideration your type of business and geographical scope, talk with your stakeholders, review technical and organizational  infrastructure and provide a detailed report to reveal points for improvement opportunities, high risk gaps, and define mitigating measures. 

Records of Processing Activities (ROPAs) are a requirement under many privacy legislations worldwide. When the EU General Data Protection Regulation (GDPR) came into effect in 2018, it became a blueprint for many other privacy legislations to come after it, which require a detailed documentation about what processing activities take place in a company. The ROPAs became a replacement for registration requirements in many countries, but not in all. ROPAs require detailed information on different aspects to satisfy regulatory requirements. Such information may vary across countries. We help you to create a database with a meaningful structure and necessary aspects to satisfy expectations from data protection authorities.

IT solutions, software, hardware, service, internal or by third parties require due diligence to assess if they comply with technical and organizational measures to protect personal information adequately. Depending on their application and purpose of usage, requirements vary. We help you to assess solutions in place, perform gap analysis and define mitigating measures.

Most international companies need to share certain personal information across legal entities within the group, being it because of centralized collaboration tools, administration, regional or global shared service centers, that provide support to the enterprise or other reasons. We help companies to review their existing international data transfer mechanisms or help to create them. Whether accompanying our clients in the process of preparation and application for the use of Binding Corporate Rules (BCRs), privacy codes of conduct or alternative intra-group agreements, we guide and support you on the journey.

Working with third-party global solutions implies by nature the need for international data transfers across different countries. The privacy compliance risks due to different requirements across countries cannot be underestimated. While our aim is efficiency and simplification, there is no one solution, and depending on scenarios of countries and data in scope, exceptions and additional regulatory consideration are mandatory. Our experience in this field helps to design the most adequate process, and whilst we have our set of tools to support, each solution is customized to client specific needs.

Privacy compliance needs to be lived daily by every individual in contact with personal information. To build and maintain awareness trainings on different levels is the key for success. We offer a set of trainings aimed not only to the privacy experts and the ones on their way. Tailored trainings to key individuals in the business exposed to personal information helps to increase awareness and stay alert. Remember, these are the people who are the first to become aware of issues.

Our set of tools and ready to use and customize processes are extensive, but as there is no one-size-fits-all solution for every privacy requirement or need, you may require a solution built for your company specifically.