external data protection officer

The external data protection officers of DATUREX GmbH are your experts for data protection and information security. We are external data protection officers and data protection auditors as well as information security officers with several years of experience. We advise dozens of companies from a wide range of industries every year and actively support a large number of clients.







Hermann-Reichelt-Strasse 3A 01109 Dresden

Opening hours


8 am - 6 pm

Customers of DATUREX GmbH


Who we are

We are Computer scientists and lawyers specialized in external data protection and information security as well as certified (TÜV+IHK+BSI).

We are certified and tested by:

 BSI vice president contradicts Maaßen's conspiracy theories

Originally, we come from the royal league of IT, software development. We have interdisciplinary teams with computer scientists and lawyers.

Individual employees at our company have an extended security clearance ("Ü2") in accordance with § 9 SÜG and are therefore allowed to work in environments that have access to SECRET have classified information.

Due to 20 years of work as a computer scientist and 10 years of experience as an external data protection officer, consulting on technical and organizational measures (according to Art.32 - EU-DSGVO - security of processing) is no problem. Thus, we can offer you a comprehensive overall package.

As external data protection officers, we pursue two goals:

Only with trained staff, secured processes and a secure IT landscape can you avoid expensive breaches of the new regulation (DSGVO).

Through a network of other experts, we can provide the client with optimal advice as an external data protection officer.

Your benefit
  • Legal certainty in dealing with data worthy of protection
  • Improvements for security in data processing
  • Relieving the burden on the company organization by appointing an external data protection officer
  • High expertise
  • Neutral advice
  • Current information on data protection issues
  • Contacts with authorities and professional colleagues

External data protection officer

We are available to you as an external data protection officer and thus cover your legal obligations according to DSGVO.

External information security officer

We are available to you as an external information security officer and thus cover your legal obligations insofar as you are obligated, for example, as a Kritis participant or from other laws such as the IT Security Act. We are also available for certifications in the area of information security such as ISO 27001, TISAX, etc.

Data protection management

Our data protection management offers you a method for systematically planning, organizing, managing and controlling the legal and operational requirements of data protection.

On site with you

We attach great importance to personal proximity to our clients and are always ready for personal on-site appointments.


A variety of online and on-site training options are available to our clients, ensuring ongoing hands-on employee awareness.

Funding for data protection

External data protection is eligible for funding. You can apply for funding for your company from the Federal Office of Economics and Export Control (BAFA). We will be happy to assist you in submitting your application.


How do you also achieve the specifications according to the regulation:

All processes in a company must be geared to the question: What are the risks for the data subjects and their data? Higher personal responsibility through an increased level of documentation in the company, this is a central goal of the GDPR.

external data protection officer

The procedure

The new EU General Data Protection Regulation has been in force since 25. 05. 2018.
The appointment of an external data protection officer is unavoidable if at least twenty persons are involved in the processing of personal data. Another criterion is when processing operations are undertaken that are subject to a data protection impact assessment pursuant to Art. 35 DS-GVO or personal data are processed commercially for the purpose of transmission or for the purpose of marketing activities.
As external data protection officers, we provide our clients with neutral advice.
We guarantee a high level of experience, expertise and the necessary competence on the subject of data protection.

Appointment as external data protection officer and DSGVO-compliant consulting

Appoint us as external data protection officer and name us before the state data protection authority. We assume liability up to 1.5 million euros in the event of damage. If you appoint us as your external data protection officer, you avoid high personnel costs and permanent training costs for an employee who cannot be terminated.


The inventory is a complete documentation of all processes in which personal data are processed in the company.

The thorough inventory reveals a large number of processes relevant to data protection.


The analysis of the inventory means that the documented processing activities are checked for data protection compliance.

Each processing activity is linked to a checklist. The questions in the checklists are used to check whether the respective processing activity is carried out in compliance with the law.


After analyzing a processing activity, the result is evaluated to reveal vulnerabilities and risks.


Updating of processing activities that are not data protection compliant. Processes and sub-processes that are not completely data protection compliant must be adapted.


Applicants, employees and customers are informed comprehensively about the processing of their personal data in accordance with data protection law by means of information sheets in accordance with Articles 13 and 14 DSGVO. Furthermore, a data protection manual is made available to employees as an instruction manual with guidelines and directives, as well as emergency plans and further service instructions on data protection. Your employees will also be trained once a year and thus sensitized to the new data protection.

Data protection officers cannot protect data; at most, they can check whether data is being adequately protected.

-Joachim Gauck

Our eLearning app for smartphones.

We are the only external data protection officers with our own app.

DATUREX GmbH offers a free app for eLearning on data protection and information security. Everybody is invited to participate in free basic trainings and to get further education. You can find further trainings for the deepening of various data protection topics in our Store.