The 1x1 to setting up your
data protection organization

Data protection is confusing for non-specialists. Here are the basics for anyone who wants to efficiently set up a legally compliant data protection organization.

Download Checklist
Data protection checklist
Data protection basics

The central question: What requirements does the GDPR place on you?

Most people are aware that your website needs a privacy policy. But how does your company handle personal data? And who is actually responsible in the event of a data protection breach?

Five key terms and duties
- in simple terms

Responsibilities in data protection

As a rule, the management of a company must ensure that the requirements of the GDPR are complied with. A separate data protection officer may need to be appointed (internally or externally). To clarify this, a data protection impact assessment (DPIA) is recommended, for example.

Personal data

According to the General Data Protection Regulation (GDPR), personal data is any information relating to an identified or identifiable natural person.

Data processing agreement (DPA)

A DPA must be concluded with your company's service providers in accordance with the GDPR if personal data is transferred to them in order to carry out data processing activities on your behalf.

Record of processing activities (Ropa)

The purpose of the processing directory is to provide an overview of all processes in which personal data is processed. It ensures transparency and traceability of data processing in the company. You can find out more about the Ropa and download a free sample here.

Technical & organizational measures (TOM)

Technical and organizational measures should ensure that the integrity and confidentiality of personal data in particular are maintained and that processing is secure. Depending on the type of data your company processes, TOMs may need to be more or less detailed. You can read more about TOMs here.

PRIMA - everything is easy, with a full range of functions

With PLANIT // PRIMA, you have all the building blocks for efficient data protection organization in a single tool. This enables GDPR-compliant documentation in just a few steps.
14 days free - no credit card required
PLANIT // PRIMA backed by PLANIT // LEGAL Lawyers

Developed by IT lawyers and data protection experts

The law firm PLANIT // PRIMA specializes in IT and data protection law. PRIMA was developed from within the firm. The tool has therefore been tried and tested in practice.