We offer various data protection packages in order to be able to respond exactly to the needs of your company. Access to our heyData platform and the function of heyData as your personal external data protection officer included in each of the three packages.
Choose exactly the package that suits your company:
Activity as an external data protection officer
Creation of the processing directory
Communication with competent data protection authority
Creation of data protection declarations (for websites and apps)
Activities related to data breaches
Creation of a deletion concept
Support for information, objection and deletion requests, among other things
Use of the heyData platform
Carrying out an annual audit with a report
Provision of sample documents
In addition to our basic package, the following services await you:
Feedback from personal contact
within 48 hours
additional support of 10h/year
additional administrator access to the heyData platform
Check the privacy documentation for updates
annual audit
Support in the context of data protection impact assessments
In addition to our basic package, the following services await you:
Feedback from personal contact
within 24 hours
Telephone support
additional support of 18h/year
5 administrator accesses to the heyData platform
Document white labeling (own
company branding instead of heyData templates)
"In retrospect, our cooperation with heyData was absolutely recommendable. Not only are the approaches to our requirements carried out considerately and thoroughly, but also the support as soon as the data protection measures are put into effect."
Robin Klemm from November
"The cooperation with heyData has clearly reflected the principle of data protection - trusting, reliable and transparent. Thanks to heyData's support, we feel we are constantly looked after and in good hands."
Konrad Lange from Lendis
"At heyData we have a personal contact, quick help and, above all, a clear price structure. They offer an optimal price-performance ratio, which is particularly important to us as a fintech start-up. The overall package just fits."
Kurosh Habibi by Carl Finance
The basic idea of data protection is that modern data processing endangers the free development of the personality of each individual. The assumption is that those who do not know or cannot control what information is being stored and retained about him or her adjust their behavior out of caution. Data protection therefore protects individuals from the state or a company collecting or storing their personal data without authorisation. The General Data Protection Regulation (GDPR) of 2018 sets strict limits on the processing of personal data. It is important that companies follow these guidelines, otherwise there is a risk of fines, warnings and competitive disadvantages.
On our How it works page you can find out why data protection is relevant for your company and how we at heyData support you. In our FAQs, our data protection basics and in our magazine you will also get an overview of the complex topic of data protection. Our white papers also provide an insight into the important basics of data protection aspects. Finally, we regularly offer free webinars on data protection. These give you the opportunity to educate yourself on exciting topics and to ask an expert questions.
Internally, it is an important task of a data protection officer in accordance with Art. 39 Para. 1 GDPR to point out that data protection regulations are observed. However, this is not an end in itself, but rather protects your company from expensive fines. 17 supervisory authorities monitor compliance with data protection regulations on the state side. If there are violations, your company can be punished with fines of up to 20 million euros or 4% of the turnover. In addition, warnings are threatened.
The Data Protection Act regulates all relevant provisions that affect personal data processing in the company. Every company that operates in the EU is obliged to comply with data protection regulations. Management is responsible for this.
The most important obligations of companies in the data protection area are:
We offer various data protection packages in order to be able to cater precisely to the needs of your company. Access to heydata platform and heyData's function as a personal external data protection officer is included in each of the three packages. Choose exactly the package that suits your company:
“In retrospect, our cooperation with heyData was absolutely recommendable. Not only are the approaches to our requirements carried out considerately and thoroughly, but also support as soon as the data protection measures are put into effect. "
“The cooperation with heyData clearly reflected the principle of data protection - trustworthy, reliable and transparent. Thanks to heyData's support, we feel looked after and in good hands at all times ”
“At heyData we have a personal contact, quick help and, above all, a clear price structure. They offer an optimal price-performance ratio, which is particularly important to us as a fintech startup. The overall package just fits. "
If you and your company meet one or more of the following criteria, then YES:
- Your company employs more than 20 people
- The employees regularly process automated data
- Special categories of personal data are processed in the company, such as ethnic origin, political opinion, religious conviction, health, the person's sex life
- Business-related personal data is transmitted, collected, processed or used and this represents a core activity of the company (this is the case with almost all companies that are related to personnel, e.g. software, recruiting, headhunting, consulting, etc.)
According to the GDPR, personal data is all information that relates to an identifiable or identified natural person. The persons concerned can be identified if they can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, a location or other features. In practice, this includes all data that can be assigned to a person in any way. Examples of this are telephone numbers, ID numbers, account details, license plates, customer numbers, e-mail addresses or postal addresses.
As soon as you have decided to work with heyData, after an initial needs analysis, we will carry out a data protection audit with your company in order to understand the processes of your company holistically - this process is digitally accompanied and supervised by the data protection advisor. We will then work with you to prepare the necessary documentation and, if necessary, adapt the website of your company according to our instructions, should there be a need for changes in order to achieve conformity. Depending on the package, we are then involved in a wide variety of processes in your company that require the expertise of a data protection officer to protect you in all matters; this usually extends to HR, marketing, product but also business development processes.
Our contract periods are either 12 or 24 months.
The data protection audit is intended to examine the processes of your company and to identify the essential points of data processing. You will then receive documentation of this so that the positions, the type of data processed and the persons responsible are also available as a diagram at any time.
If you and your company meet one or more of the following criteria, then YES:
- Your company employs more than 20 people
- The employees regularly process automated data
- Special categories of personal data are processed in the company, such as ethnic origin, political opinion, religious conviction, health, the person's sex life
- Business-related personal data is transmitted, collected, processed or used and this represents a core activity of the company (this is the case with almost all companies that are related to personnel, e.g. software, recruiting, headhunting, consulting, etc.)
According to the GDPR, personal data is all information that relates to an identifiable or identified natural person. The persons concerned can be identified if they can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, a location or other features. In practice, this includes all data that can be assigned to a person in any way. Examples of this are telephone numbers, ID numbers, account details, license plates, customer numbers, e-mail addresses or postal addresses.
As soon as you have decided to work with heyData, after an initial needs analysis, we will carry out a data protection audit with your company in order to understand the processes of your company holistically - this process is digitally accompanied and supervised by the data protection advisor. We will then work with you to prepare the necessary documentation and, if necessary, adapt the website of your company according to our instructions, should there be a need for changes in order to achieve conformity. Depending on the package, we are then involved in a wide variety of processes in your company that require the expertise of a data protection officer to protect you in all matters; this usually extends to HR, marketing, product but also business development processes.
The regular contract term is 24 months.
The data protection audit is intended to examine the processes of your company and to identify the essential points of data processing. You will then receive documentation of this so that the positions, the type of data processed and the persons responsible are also available as a diagram at any time.