Das Team der OBSECOM GmbH

OBSECOM – The Data Privacy Professionals

From the heart of Baden-Württemberg, the economic powerhouse in the south-west of Germany, we advise our clients as external Data Protection Officers across national borders in the EU, the UK, USA, Canada and Asia. Our clients are companies of different sizes and industries: from small and medium-sized enterprises to international corporations. We also advise liberal professions such as notaries, law firms, architects, healthcare providers, as well as unincorporated associations and non-profit organisations.

The OBSECOM GmbH is based in Stuttgart. We provide data privacy and information security services as a one stop shop and attach particular importance to professional and personal advice. All our Data Protection Officers are certified by the German Association for Data Protection and Data Security e.V. (GDD) and have extensive specialist knowledge. In addition, we closely work with specialised law firms in the areas of data protection law, IT law, employment, medical and administrative law.

Logo GDDcert. EU
Logo GDD member

Our network partners are law firms with extensive expertise in advising SME businesses and corporate groups:

Logo KPW
Our partner in data protection law, competition law and IT law: Kurz Pfitzer Wolf & Partner Rechtsanwälte mbB in Stuttgart
Logo HGPOur partner in medical law and administrative law: Hartmann, Gallus und Partner Rechtsanwälte in Stuttgart

We reduce business risks by making your organisation GDPR compliant

Our promise as your external Data Protection Officer: Do not worry about data protection and gain more time for your core duties. We recommend measures to improve data protection in your organisation and take care of the step-by-step implementation. All activities are closely coordinated with you.

Our six-step approach to get your organisation GDPR compliant:

get to know each other
We record your organisation’s requirements in a non-binding get-to-know meeting and inform you about our services.
In a comprehensive audit, we document the processing of personal data in your organisation.
You receive an audit report with prioritised recommendations, templates and draft procedures.
In follow-up meetings we advise and support your organisation in the implementation of our recommendations.
ongoing support
Based on a consultancy package with credit hours, we support your organisation as Data Protection Officers, for example in the event of a data breach, for privacy impact assessments or the implementation of new processing activities.
With extras such as access to our OBSECOM platform, staff training and webinars, you always have access to the latest information.

We find solutions to integrate data protection into your business processes

Data protection is a process. Our goal is to integrate the protection of personal data as a component of your existing business processes without major restructuring. As external Data Protection Officers, we want to understand your operations and work with you to find adequate solutions. The OBSECOM team looks at the various aspects of your business from an overarching perspective and highlights the core issues of information security and data protection.

Our strengths:

  • Personal advice from qualified consultants
  • Collaboration supported by our digital platform (ODP)
  • Advice on the implementation of specific topics (for example, data protection for employees)
  • Staff training and raising awareness among employees
  • Special expertise in international data transfer
  • Representation of controllers and processors not established in the European Union
  • Coordination with Information Governance Policies and ITIL procedures

The OBSECOM platform – your central management for data protection

As your external Data Protection Officers, we document all measures to improve data privacy and make this information, templates and documents available to you in our OBSECOM platform. Your internal data protection coordinators have insight and access at all times.

Among other things, the OBSECOM platform offers these features

  • Documentation on technical and organisational security measures;
  • Data processing agreements and records on the processing of personal data by sub-contractors;
  • Maintaining the register of processing activities;
  • Keeping track of data breaches;
  • Templates for drafting privacy notices and responding to data subject requests;
  • Submit information for review and approval by the Data Protection Officer;
  • Templates and checklists for relevant data privacy topics;
  • Task management with reminders for reviewing unfinished tasks;
  • Procedures for privacy impact assessments and risk analysis;
  • Store your own documents in a secure document library;
  • Materials and videos for staff training.

Data protection services

As an external data protection officer in Stuttgart, OBSECOM GmbH offers data protection services for various industries. For more details on what we offer, see: Services by Industry.