External data protection officer

Put data protection in the hands of an external data protection officer so that you and your employees can concentrate on other important things. HWData is your professional contact for data protection management.

Contact us
Companies that trust us
Akademie Handel
Akademie Handel

Possible tasks of a data protection officer

  • Implementing the requirements of the GDPR and national data protection laws
  • Ongoing support for data protection issues
  • Ongoing support for data security-related issues
  • Legal review and support in contract negotiations
  • Data protection law suitable for the size of the company
  • Consulting of the responsible persons and the employees
  • Training of employees with regard to data protection
  • Advice on data protection impact assessments

When is a data protection officer mandatory for companies?

The appointment of a data protection officer is required by law for 20 or more persons who deal with data. In system-critical areas, a data protection officer is also mandatory for fewer persons. The data protection officer must also be notified to the authority.

Professional data protection consulting when you need it

Especially today, you want to spread the costs as efficiently as possible to expand the size of your company further. However, a secure data protection organization and support are essential. HWData is your external data protection officer, whom you pay according to effort and based on fixed budgets, as you need it.

Contact us

Who can be appointed as a data protection officer?

As a company, you have two options for appointing a data protection officer: You can have an internal employee trained as a data protection officer or appoint an external data protection officer.

The internal data protection officer

If you appoint an internal data protection officer, an employee must be assigned to this position. This person must have the appropriate time and organizational resources and demonstrate the necessary expertise. Internal DPOs also have special protection against dismissal.

The external data protection officer

An external data protection officer can be appointed as an alternative to internal data protection solutions. This person will work for your company as required based on agreed support quotas and will safeguard this work by means of comprehensive insurance cover. In addition, the external data protection officer is directly available with expertise at all times.

Advantages of an external data protection officer

Continuous training and professional specializations guaranteed

Does he have a wide-ranging and cross-divisional expertise

An objective view of legal issues and business challenges

Outsource data protection, save costs

While an internal DPO receives a fixed salary and must continuously meet the legal requirements, you determine your consulting needs with us. You can rely on our recommendations based on comparable company structures. With the help of monthly reporting, you have continuous cost control.

Buying expertise instead of paying for training

If you appoint an employee as a data protection officer in your company, they must first be trained to meet the requirements. Let us get right to work because we are certified and can apply our expertise immediately.

The right solution for your company’s data protection

Both internal and external data protection officers have advantages and disadvantages. Which solution is right for you depends on company size, industry and personnel policy.

A good indicator for your company’s decision is whether you deal with data privacy-related issues on a daily basis, in which case an internal DPO is usually the better choice. However, an external DPO is often a better solution if you only have occasional needs. We would be happy to advise you on this.

Who is liable if something goes wrong in data protection?

If you appoint an internal DPO and a loss occurs, the company is liable under employee liability. With an external data protection officer, the company minimizes risk because, in this case, there is comprehensive insurance coverage.

The most important questions about the external data protection officer

What should be considered when appointing a data protection officer?
A data protection officer (DPO) is required when the legally required number of persons in the company involved in data processing is reached. This includes, for example, personnel management, customer care or financial accounting. It should be noted that self-employed persons, interns or employees of a temporary employment agency are also included in the company when calculating the number of persons.
What does the General Data Protection Regulation say?
The basic regulation lays down the rules for protecting individuals concerning the processing of personal data. It also protects the fundamental rights and freedoms of natural persons, particularly their right to protect personal data.
Do we need an internal or external data protection officer?
The decision as to what suits your company better is entirely up to you. The GDPR only requires a data protection expert for the respective data protection requirements; whether this is internal or external is up to your preference.
How long do I commit to the external data protection officer?
We agree on the contract terms together. As a rule, the contracts are concluded with a term of 12 months.
Does the external data protection officer also monitor legal issues and questions?
Yes. Due to our status as lawyers, our advice continues after providing templates or documents. We also assist in contract negotiations and provide legal recommendations.

HWData is your service provider for data protection & IT legal issues

We can offer our customers more than “just” data protection theory thanks to our legal background. We make recommendations and create solutions. The basis is understanding the client’s business model and data flows. HWData is characterized by the combination of data protection law expertise and an interest in technical processes.

Contact us

Customer feedback Learn why our customers trust HWData.

Since the foundation of Marley Spoon, we have been optimally looked after in terms of data protection. A long-standing and trusting cooperation.
Dr. Mathias Hansen
Head of Legal Department
As a commercial law firm, we have very high requirements in data protection. HWData continuously meets our requirements with its proven expertise in data protection law. We value this support very much and can recommend HWData without reservation.
Dr. Daniel Gubitz
Managing Partner
HWData is the ideal partner, especially for international, complex data protection issues. The communication is straightforward, fast and friendly – we feel safe and top advised!
Claudio Ricci
Managing Director
We appreciate the professional and competent work of HWData, a partner you can really rely on in the field of data protection.
Armin Dörringer
Operations Management
Akademie Handel
We enjoy working with HWData because we always receive quick and competent feedback on our data protection issues. We feel we are in excellent hands with HWData!
Dr. Raphaela Schuster
Managing Director
The long-term cooperation with HWData is characterized by an extremely high level of professionalism and the necessary flexibility and pragmatism for possible solution options. As a medium-sized company, this mix is precious for us.
Emanuel Simon
Managing Director
Data protection, optimally tailored to our specific business requirements.
Martin Spitznagel
Managing Director
We very much appreciate the cooperation with HWData. Problems are solved efficiently, pragmatically, reliably and competently.
Ralf Geer
Head of Final Support / IT

ContactWrite to us, and we will make your data protection better.

    You can find our privacy information here.

    Where you can find us
    Nordendstr. 64
    80801, Munich
    Book an appointment
    Write to us