Search

Audit of data processors
incl. DPA contract review

Initial audit and follow-up inspections of your data processors as well as assistance by legal experts with contract drafting or review.

Compliance builds sustainable trust

activeMind-legal-ISO-27001-Siegel-2022-06-27
activemind-tisax-logo

Do you need to control your data processors?

As a controller, you are accountable under the General Data Protection Regulation (GDPR) when processing personal data. This means that you must be able to prove whether you comply with the requirements of data protection laws.

This accountability also extends to service providers who process personal data on your behalf. You as the controller must provide evidence of the selection of all data processors in compliance with data protection requirements and of their regular auditing (at least every two years).

When selecting and monitoring data processors, it is particularly important to check the technical and organisational measures (TOM) in accordance with the current state of the art and specifically related to the service provided. This is a great challenge for many companies!

Auditing of data processors by lawyers

The initial control in the selection procedure as well as the follow-up controls for existing processing operations require in-depth legal and technical knowledge. Our specialised lawyers are happy to support you every step of the way.

Together with you, we create a template data processing agreement that you can use for your service providers. In doing so, we take into account not only data protection law but also your interests and exploit the possible scope for design to your benefit. We are also happy to review and evaluate existing contracts and point out necessary or recommendable changes.

If you have to agree to the data processing agreements of your service providers, we check them for conformity with the GDPR, for hidden cost traps as well as for whether the contracts are in any way contrary to your interests, as permissible but unfavourable alternatives may be chosen for you.

We check the contractual and technical arrangements with your planned service providers before the planned cooperation and provide a meaningful review report. If necessary, we help to remedy grievances and negotiate recommendable changes.

If you already have an existing contractual relationship, we check the actual implementation of individual measures at your processors on the basis of the data processing agreement between you and your service provider, including the technical and organisational measures promised. If necessary, we will provide specific information on how to remedy any deficiencies found.

Zwei Mitarbeiter von activeMind besprechen einen aktuellen Fall

4 reasons to let activeMind.legal handle your data protection audits

Specialised lawyers

Our law firm with offices in Berlin and Munich specialises in data protection law and related areas of law. We not only know what you have to do according to the GDPR, but also how best to do it.

Technical expertise

Through regular internal and external training, we ensure that our consultants master all relevant technologies and can apply them in practice.

International orientation

In our team, we speak 10+ European languages and serve clients from all over the world. With partner law firms in the UK and Switzerland, we can audit processors in all countries in Europe.

Compliance enabler

We live data protection, information security and quality assurance management every day at our law firm. Compliance is part of our corporate DNA. That is why we are particularly good at enabling you to provide legally compliant business models and services.

Non-binding request

In order for us to be able to provide you with an individual offer for the audit of contracts or processors, please provide us with some information in advance.

A member of staff will get back to you within two working days to suggest an appointment for an initial phone call.

Our experts are all legal professionals and as such where they are not mandated by statute to maintain confidentiality, they are bound by be the ethics of their profession and will naturally treat all correspondence and information confidentially.

Contact us!

Secure the knowledge of our experts!

Subscribe to our free newsletter: