Data Protection

SerNet helps customers adhere to data protection regulations and, if required, can provide external data protection officers.

Data protection officers are necessary if a company employs more than 9 people who process personal data using IT applications or more than 19 people who process personal data in traditional ways (paper, files) or special type of personal data according to Section 3 IX BDSG.

External Data Protection Official

At SerNet the appointment of an external data protection officer takes place in 3 phases.

1. Evaluation

We come to you and together we determine what data protection support you need by identifying

  • the relevant processes used to process personal data
  • the people who process the data
  • the need for follow-up support.

This evaluation takes 1-2 days and is used to develop a specification that is used as a basis for the following agreement.
After the evaluation of the quantity framework we can make you an offer to provide a data protection officer. If you accept our offer, this is followed by Phase 2:

2. Initialisation

The following work is carried out to the extent defined during the evaluation:

  • Establishment of an internal data protection organisation
  • Development of internal guidelines
  • Employees are familiarised with the principles of data protection and sensitised in terms of legal data protection issues
  • Employees are obligated as regards data security according to Section 5 BDSG
  • The first audit is carried out
  • The status is defined with the management, a plan of action is defined

3. Operation

Operation begins after the initialisation. The content is listed below, the quantity framework is also determined here during the evaluation:

  • Maintenance of the internal data protection organisation
  • Advisory duties
  • Maintenance of internal guidelines
  • Representation of the company to external parties (those concerned, authorities, etc.) in data protection issues, coordination function
  • Sending necessary reports to the authorities
  • Cooperation in the design of forms and contracts to ensure that they comply with data protection guidelines
  • Regular reports to management
  • Regular audits (e.g. annual)

If you need more information or would like us to contact you, please use the contact form opposite.

SerNet callback?