How we work
Data protection consulting only works if it fits the reality of the organization. We start by understanding your business — your processes, your data flows, your risk profile — before we recommend anything. This means our advice is always grounded in what is actually needed, not in generic compliance checklists.
Our process
1. Analysis & inventory
We begin with a structured inventory of your current data processing activities. This gives us a clear picture of where you stand — what is compliant, what needs attention, and what the priorities are.
2. Prioritized action plan
Based on the analysis, we develop a clear, prioritized action plan. We distinguish between must-dos (legal obligations), should-dos (significant risk reduction), and nice-to-haves (best practice optimization).
3. Implementation support
We support you through implementation — drafting documentation, creating templates, training staff, and reviewing technical measures. We work with your team, not around them.
4. Ongoing support
Data protection is not a one-time project. As your external DPO or ongoing advisor, we provide continuous support: answering questions, reviewing new projects for GDPR compliance, handling data subject requests, and updating your documentation as your business evolves.
Availability and response times
We are available by email and telephone during business hours. For urgent matters — such as a data breach — we provide expedited response support outside normal hours.