Client
Amazon.de GmbH is the German subsidiary of Amazon.com, the international electronic commerce company with headquarters in Seattle, Washington, United States. It is the world's largest online retailer.
Project
The focus of this project lies on Content management for the Kitchen, Home & Garden Department. We create, control and improve content for the Amazon.de website before going live. This projects runs since 2005.
– A+ Content
– Browse node allocations
– Variations / Attributes
– Product descriptions
– Product images
– Shopping guides
Client
E-Crime Expert is a legal consultancy specialized in the fields of data protection, privacy, cybercrime, intellectual property, and the Internet. E-Crime Expert aims to make the Internet a safer place by providing awareness, information and tips to Internet users (children, adults and seniors) to help them protect themselves against e-criminals and scammers.
Project
We provide consultancy on the approaches of German Data Protection Law on the use of Cloud Computing Services and Smart Devices.
– Implementation of Privacy by Design Principles
– Data protection issues of Smart Phones, Smart Televisions, Software as a Service
– Privacy Awareness
Client
ectacom GmbH is one of the leading independent Value Added Distributor (VAD) for business solutions in the areas of business performance, corporate compliance, corporate security and security-as-a-service. The company offers its partners products, solutions, services and training of leading international technology manufacturers.
Project
We support whilst ectacom provides services to its clients on corporate security issues which are relevant for business performance processes. Together with the excellent expertise of the ectacom specialists we are able to provide holistic security-as-a-service concepts.
– Improvement of IT processes interfaces between business and security
– Security-as-a-service circle: Health-checks, audits, consultancy, training
Client
Mendo Global Corporate Services S.L. as a global firm aims to provide customers with a comprehensive service. Mendo offers a comprehensive approach to business needs, with innovative and pro-active solutions.
Project
We support Mendo with business development for its German Desk and the coordination of different areas of practice and expertise.
– Commercial law
– Comprehensive services to German companies with business interests in Spain and vice versa
Client
Quotient Consulting Sdn. Bhd. is a boutique firm, which focuses on array of data protection and privacy consulting services. The incorporation of QC was mooted during the winter of 2010 in London, and it was further affirmed during the spring of 2011 in London. In the summer of 2011, the founding QC members deliberated to pursue with its incorporation as a registered company in Malaysia.
Project
We team up and collaborate with QC's strategic business partners in diversified areas of data protection and privacy. Here, stakeholders are able to appreciate their local, regional and global experiences in their fields of expertise. Currently we cooperate with QC on building a data protection expert team for global companies in order to conduct cross-border data diagnosis.
– Customized data diagnosis assessment and data protection auditing
– Diagnosis of profiling, aggregation, classification and to taxonomy of such data within organisations or businesses' process and controls
– Diagnosis of data transfers to any parties that a specific stakeholder is dealing with, especially from and to Central Europe
– Mapping, codes, guidelines, best practices catalogues and summary of the results in reports together with recommendations for further actions
Client
VISICON EDV-Integration GmbH implements, based on the SAP ® standard software R / 3 ® and ERP ECC, software solutions and optimize customers' IT processes. As an independent consulting firm, Visicon combines industry knowledge and IT knowledge with years of experience for the efficient mapping of business process within IT.
Project
Implementation and maintenance of EDI connections from diverse manufacturers to leading online e-commerce marketplaces in the DACH region.
– EDI cloud services
– Marketplace vendor central solution
Client
Whitebox Security is a leader in the field of identity and Access Governance. The company pioneered Intelligent Access Governance, which combines the best of identity intelligence, and identity & access governance in WhiteOPS™, its Access Governance solution. Whitebox Security has been named one of the ten most innovative security companies by the RSA® innovation sandbox, has been awarded Gartner's cool vendor and was shortlisted for 'best IAM product' category by the SC-Magazine Europe awards in 2012.
Project
Together with whitebox we support data protection measures through data analysis software which allows our clients 360° visibility and control over users' activities and entitlements across the organization as well as access certification for fastest, most accurate processes and a self-service access requests portal, with powerful decision-support insights, and proactive risks management.
– Intelligent identity & access governance: Activity & identity monitoring, full audit-trail, entitlements integration kit, data classification, owner identification, usage profiling, access certification, request automation, unified access policies
– Holistic Approach to Key Challenges of Data Governance
– Development and implementation of programs to protect global information assets, including legislative and regulatory advocacy
– Assistance with information product life cycle issues
– Comprehensive assistance with significant data security breaches, including network intrusion detection, customer notification, state and federal regulatory negotiations as well as public relations
Client
Logitravel is an online travel agency specializing in the sale of cruises, vacations and beach hotels. In just 9 years, Logitravel has become one of the market's leading online travel agencies and can boast consistent growth year after year.
Project
We are the data protection person of contact for Logitravel´s German market.
Client
MDL Mobility Data Lab enhances Smart Audience Targeting through its patented and cloud-based solution platform which uses web IDs to connect advertising recipients online and offline.
Project
We are the assigned external data protection officer for MDL Mobility Data Lab.
Client
Münchner Kinderbetreuung GmbH runs day centers for children 0 to six years of age and offers babysitting services in Munich. They assure a continuous support of children until they start school and focus on the professional situation of parents in a modern work environment.
Project
Together with Münchner Kinderbetreuung we aim to meet our social commitment criteria. We conduct information evenings at the day centers sites on relevant privacy issues in daily family life.
– Privacy-relevant behavior in daily life of children and parents
– Practical hints and tips for the use of the internet, social media, smart devices, etc.
– Use of privacy-protecting add-ons for PCs and Smartphones
BvD
The Federal Association of German Data Protection Officers (Bundesverband der Datenschutzbeauftragten Deutschlands e.V.), is a professional association of data protection officers and acts as an interface between business, politics, academia and regulators. Founded back in 1989, the association is one of the oldest representative bodies for data protection officers and privacy consultants in Germany. Seat of the BvD is Berlin. From there, the association represents the interests of BvD members. Through strategic communications, promotion of education and training, and sustainable network formation, the object of the company, privacy, has been constantly placed at the center of public interest. The BvD promotes the professional interests of its members, the data protection officers and privacy consultants. BvD is committed to actively promoting the establishment of the profession "Data Protection Officer" in Germany, compiles practical questions and is constantly working on the definition of the profession. For members, the BvD offers comprehensive programs to further education.
Open BvD Homepage.
DGRI
The German Association of Law and Informatics (Deutsche Gesellschaft für Recht und Informatik e.V.), addresses issues that lie at the interface between informatics and computer technology on the one hand, and the law and business, on the other hand. The objective of DGRI is to promote the interaction between academia, research and practice in the following areas:
– Legal issues relating to the processing of information
– The use of information technology within the legal system
– Shaping the legal framework conditions for information technology
Open DGRI Homepage.
IAPP
The International Association of Privacy Professionals is the largest and most comprehensive global information privacy community and resource, helping practitioners develop and advance their careers and organizations manage and protect their data. More than just a professional association, the IAPP provides a home for privacy professionals around the world to gather, share experiences and enrich their knowledge. Founded in 2000, the IAPP is a not-for-profit association with more than 14.000 members in 83 countries. The IAPP helps define, support and improve the privacy profession through networking, education and certification.
Open IAPP Homepage.
GDD
The German Association for Data Protection and Data Security (Gesellschaft für Datenschutz und Datensicherheit e.V.) was founded in 1976 and stands as a non-profit organization for practicable and effective data protection. The GDD interacts with government officials, data protection authorities, associations and privacy experts world-wide. The GDD helps data controllers and particularly their data protection officers / corporate privacy officers (DPOs / CPOs) to solve the many different legal, technical and organizational problems in order to achieve a proper balance between the interests of data subjects who merit protection and the equally justified need for information on the part of controllers and individual persons. A major goal of the GDD is to strengthen effective self-regulation and corporate self-monitoring in the framework of German data protection law in order to make state supervision and controls unnecessary as far as possible. Furthermore, the GDD raises awareness of the advantages of self-regulation and corporate privacy management in other EU and non-EU countries. Being the largest association of its kind in Germany, the GDD currently has more than 2.000 members. The amount of members is constantly growing which shows the value of privacy and data protection in companies and in general.
Open GDD Homepage.
Privacy Professionals
Privacy Professionals is a non-commercial community of peers who actively work in the field of privacy and data protection. Its Privacy Body of Knowledge (PBOK or Privacy BOK) effort will create and maintain a rich set of reference materials organized into privacy domains of expertise. This content will be developed collaboratively by the members of Privacy Professionals. Its "Why Privacy" aims to create a poster sized infographic that explains WHY privacy is important, why it matters. Privacy Professionals envisions this to be a useful tool in getting the word out on privacy across organizations.
Open Privacy Professionals Homepage.
DSJV
The German-Spanish Lawyers Association (Deutsch-Spanische Juristenvereinigung e.V.), was founded by 160 lawyers from both countries in Bonn in 1984. Currently the association has over 1000 members of all legal professions, such as university professors, lecturers, judges, prosecutors, notaries, lawyers and officials, but also law clerks and law students. In view of the enduring and historically rooted relations between Spain and Germany, and the membership of both countries to the European Union, the DSJV has become a forum that participates decisively in deepening knowledge of the relevant jurisdictions and the requirements of the ongoing relationships between lawyers from both countries.
Open DSJV Homepage.
Externer Datenschutzbeauftragter (BvD e.V.)
In order to increase the quality and acceptance of data protection, the BvD developed and updated "The trade and grade of the data protection officer." In the professional model the BvD describes professional and personal requirements for the practice of the profession and defines e.g. duties and performances of the data protection officer. With the development of the outline of a profession for data protection officers, the BvD establishes quality standards for the minimum professional qualifications and training of data protection officers. The profession is changing constantly due to the short development in information technology. For this reason, the model of the BvD is updated constantly and thus all certified data protection officers have to regularly give proof that they meet all BvD criteria.
ITIL® Expert (APMG)
ITIL® is the most widely adopted approach for IT Service Management in the world. It provides a practical, no-nonsense framework for identifying, planning, delivering and supporting IT services to the business. ITIL® advocates that IT services must be aligned to the needs of the business and underpin the core business processes. It provides guidance to organizations on how to use IT as a tool to facilitate business change, transformation and growth. The ITIL® best practices are currently detailed within five core publications which provide a systematic and professional approach to the management of IT services, enabling organizations to deliver appropriate services and continually ensure they are meeting business goals and delivering benefits. The five core guides map the entire ITIL® Service Lifecycle, beginning with the identification of customer needs and drivers of IT requirements, through to the design and implementation of the service into operation and finally, on to the monitoring and improvement phase of the service.
The ITIL® Qualifications scheme provides a modular approach to the ITIL® framework, and is comprised of a series of qualifications focused on different aspects of ITIL® Best Practice, to various degrees of depth and detail.
The ITIL® Expert level of qualification is aimed at those individuals who are interested in demonstrating a superior level of knowledge of the ITIL® Scheme in its entirety.”
PRINCE2® Practitioner (APMG)
PRINCE2® is a structured project management method based on experience drawn from thousands of projects - and from the contributions of countless project sponsors, Project Managers, project teams, academics, trainers and consultants. PRINCE2® is a non-proprietary method and has emerged worldwide as one of the most widely accepted methods for managing projects. This is largely due to the fact that PRINCE2® is truly generic, and truly global: it can be applied to any project regardless of project scale, type, organization, geography or culture. PRINCE2® achieves this by isolating the management aspects of project work from the specialist contributions, such as design, construction etc. The specialist aspects of any type of project are easily integrated with the PRINCE2® method and, used alongside PRINCE2®, provide a secure overall framework for the project work. Because PRINCE2® is generic and based on proven principles, organizations adopting the method as a standard can substantially improve their organizational capability and maturity across multiple areas of business activity - business change, construction, IT, mergers and acquisitions, research, product development and so on.
The PRINCE2® Qualification Scheme has been developed by AXELOS Limited to offer a tiered examination structure with three levels of qualification, Foundation, Practitioner, and Professional. The purpose of the practitioner qualification is to confirm you have achieved sufficient understanding of how to apply and tailor PRINCE2® in a scenario situation.
Datenschutzmanager (TÜV Rheinland)
The national legislation on the protection of personal data and the relevant European Union directives require an intensive examination of this matter in almost all companies. Based on the detailed knowledge of the relevant legislation, companies are required to establish and run a data protection management system which can be effectively and efficiently operated according to the interests of the company.
Contents of the seminar "Data protection manager" (Datenschutzmanager) of the TÜV Rheinland Akademie GmbH:
– Requirements for Data Protection and IT Security (confidentiality, availability and integrity)
– Privacy policy (business goals, principles of action)
– Elements of a data protection management system
– Process models for the development and implementation of a data protection management system
– Methods, techniques and tools
– Health-check and analysis, vulnerability identification, risk analysis
– Design, transition and operation of the data protection concept
– Documentation of the data protection management system (concept, procedures and work instructions)
– Interfaces with other operational management systems (ISO 9000, 27001 et seq), integration opportunities
Datenschutzauditor (TÜV Rheinland)
A data protection management system that meets the legal requirements and the company's data protection policies is a key competitive factor for companies. A crucial role for quality and effectiveness of such a system plays the data protection auditor who performs regular audits in the company.
Contents of the seminar "Data protection auditor" (Datenschutzauditor) of the TÜV Rheinland Akademie GmbH:
– Objectives of audits
– Requirements for internal audits and the internal auditor (with numerous practical examples)
– Planning and preparation of a data protection audit
– Conducting audits
– Interviews as an information source
– Examination of the technical equipment
– Examination of the structural and processual organization
– Examination of the technical and organizational security measures
– Inspections
– Evaluation, report and follow-up
– Creation of the audit report
– Prosecution of measures
– Presentation of tools (checklists, questionnaire, audit plans, incident reports)
Datenschutzbeauftragter (TÜV SÜD)
The seminar "Data Protection Officer" (Datenschutzbeauftragter or DSB) of the TÜV SÜD AG deepened our understanding of the Federal Data Protection Act (BDSG). We have been officially certified as a data protection officer by recognizing in particular our knowledge of:
– all relevant legal knowledge
– all technical knowledge to fulfill the task
– problems of the interfaces in workflows
– communication skills to convey data protection issues in the enterprise
– organizational skills for meaningful control of data protection in the enterprise
Externer Datenschutzbeauftragter (TÜV Rheinland)
Many organizations outsource professional data protection advices. The advantages are obvious: no costs incurred for the training of own staff. The use of an external data protection officer, however, is calculable by a defined time budget. With the practical experience and the expertise of an external data protection officer measures can often be implemented more quickly and with less effort. Rigorous training for such external data protection officers is indispensable.
Contents of the seminar "External data protection officer" (Externer Datenschutzbeauftragter or eDSB) of the TÜV Rheinland Akademie GmbH:
– Recent developments in legislation and case law
– Contracts for external data protection management
– Liability management
– Advertising, marketing, competition law
– Opportunities and risks of the market for eDSB
– Organization of data protection in the enterprise by eDSB
– Information gathering and assessment by eDSB
– Estimating the amount of work and design of data protection projects
– Professional reporting to client and authorities
– First steps of the eDSB
– The role of the eDSB in the company
– Networking as an eDSB
– Areas of conflict and approaches
