Privacy-Kit
- Comprehensive Solutions for Start-Ups and smaller Companies
- EU GDPR Compliance Software
- External Data Protection Officer
- Online Trainings & Webinars
Request offer Book an appointment
Our Data Protection Kit Products
A service overview for quick orientation
- External Data Protection Officer
- Data Protection Management System
- Comprehensive Data Protection Guide
- Extensive Data Protection Templates
- Data Protection News and Updates
- Data Protection Webinars
- Data Protection Q&A Sessions
- AI-based Chatbot
- eLearning Basic Package
- eLearning Complete Package
- Comprehensive Website Check
- Consulting Services
- Annual Data Protection Audit
- Personalized Onboarding
- Dedicated Contact Person
- Costs
Basic
Small businesses up to 20 employees
Without included consulting quota
- €590/1 year • €1,170/3 years
Active
Small businesses up to 20 employees
Access to all eLearning modules
- €890/1 year • €1,980/3 years
Plus
Businesses up to 50 employees
including consulting quota
& data protection audit
- €290/month
included not included available as add-on
Privacy-Kit - These are your advantages at IITR
We offer you an optimal service for the implementation of the EU General Data Protection Regulation:
- Free Webinars every 6-8 weeks
- Available in German and English
- Regular Software Updates including the latest developments in Data Privacy Law
- Competent contact persons
- Referral Discount
Difference between Data Protection Software and Data Protection Management System
Software for data protection: “Data Protection Software” and “Data Protection Management System”
Two options can be distinguished for making software usable for data protection. However, both approaches address different expectations, and their operation requires stakeholders with different mindsets.
First, data protection software aims to fulfill data protection requirements as digitally—and ideally as automatically—as possible. An IT specialist is needed to begin with, to install the selected data protection software and integrate it with existing systems. For subsequent administration, they must have basic legal knowledge to tailor the legal requirements to the specifics of their existing IT environment. Misconfiguring such data protection software can lead to undesirable consequences.
Also software, but with a different approach, is the data protection management system. No installation is necessary. The data protection management system is operated by employees who are familiar with document-based work. It explains the necessary steps to implement data protection in a legally compliant manner within the company and provides templates for the required documentation and statements, whose submission is captured in the system with versioning. A good data protection management system forms the basis for data protection certification.
Both approaches differ in the tasks required of the responsible personnel and in their professional qualifications. The differing approaches can influence how transparent the company’s current data protection status is. In both approaches, responsibility for the company’s data protection status remains with management. Software does not assume responsibility.
EU GDPR Software? Just test it!
Request a free demo video:
Our Privacy-Kit - This is how it is structured:
Certification Status
See whether your company has met all the requirements for certification. The audit is conducted by the independent IITR Cert GmbH.
Versioning
Changes to your documents are stored in a traceable way through versioning in accordance with legal requirements.
eLearning
Access to training your employees in data protection. Raising employee awareness is an important requirement under the EU GDPR. Various courses are available.
Language Selection
Content available in German and English (webinars available in German only).
Incl. binder with explanatory materials
The Data Protection Guide
The General Data Protection Regulation (GDPR) requires all companies to have a data protection guide. This document sets out in writing how your company is organized for data protection.
Overview of all required documents
Keep track of the current processing status of the documents required by the EU GDPR, e.g., data processing agreements (DPAs) or the record of processing activities (RoPA).
Data Protection Webinars
Participate regularly in webinars on data protection. You can access the videos at any time in the Data Protection Kit.
Ease of Use
The Data Protection Kit provides all required documents as templates. Documents already existing in your company can be added/imported.
Privacy-Kit - These topics are covered
We cover these topics of the EU GDPR with our Privacy-Kit:
- Data Protection Statement for your Company
- Records of processing activities
- Processor Agreements
- IT Security
- Rights of data subjects
- Website Privacy Policy
- Privacy Impact Assessment
- Data Breach Reporting
- Awareness Trainings for employees
- Annual Privacy Review
Webinar offer on data protection
Stay up to date
At regular intervals of six to eight weeks, we offer you as a user of the Data Protection Kit free webinars. Our data protection online seminars take place as scheduled live sessions. Feel free to use these to ask our speakers questions directly. Afterwards, all webinars are available to you as on-demand videos within the Data Protection Kit. The videos are tagged with chapter markers and keywords so that you can revisit specific passages.
The webinars further deepen the functions of the Data Protection Kit. These cover fundamental aspects that need to be considered when complying with the GDPR. In addition, our online seminars address a wide range of other specialist topics related to data protection (e.g., remote work, website tracking, fines, and much more).
This additional offering is aimed at all users of the Data Protection Kit. It provides sound guidance and the opportunity to further build on existing knowledge.
Webinar Content on Data Protection
The following data protection topics are already available in our webinar database:
Guide Webinars
Reporting Data Breaches
This webinar explains under which conditions a personal data breach must be reported to the data protection supervisory authority and, where applicable, to the data subjects.
Information Security and Data Protection
We address which IT minimum standards should be met under the EU General Data Protection Regulation (GDPR).
Data Protection Impact Assessment (DPIA)
In this webinar, we discuss the requirements for the detailed assessment of new processing systems that pose particular risks to data subjects.
Data Subject Requests in Practice
Using the templates in the Data Protection Kit, we explain how to handle the exercise of data subject rights (access, rectification, erasure, restriction, and data portability) correctly.
Information Security Checklist
Based on the “Good Practice for Technical and Organisational Measures” checklist from the Bavarian State Office for Data Protection Supervision, we go through the recommendations for minimum standards for IT systems in detail. We discuss which requirements companies should meet in their IT from the supervisory perspective.
Website Privacy Policy and Information for Data Subjects
This webinar covers which details your website privacy policy should include.
Record of Processing Activities
We explain how your processing activities must be documented under the EU GDPR.
Processor Agreements in Practice
This webinar covers the use of third-party service providers (e.g., lettershop, external hosting, call centers) for processing personal data (so-called “processing on behalf”).
Reviewing Your Own Data Protection Status
This video shows how you can assess your company’s data protection status yourself or have it reviewed by us, and which IT security measures deserve special attention.
Meeting the Core Requirements with the Data Protection Kit
In this webinar, we comprehensively cover, step by step, how to use the Data Protection Kit to meet the central legal requirements for data protection.
Special Topics on Data Protection
Overview of Our Topics
Remote Work (Home Office) and Data Protection
Webinar discussing data protection requirements for home office workstations (especially in the area of information security).
Supervisory Authorities’ Fine Update
This webinar covers the supervisory authorities’ “fine schedule” and recent fines imposed by the authorities (particularly in the areas of web tracking, data subject rights, and information security).
Audit Practices of Data Protection Authorities
This webinar addresses the topic of “audit practices of data protection supervisory authorities.”
Information Security Management
It is crucial for companies of all sizes to take a professional approach to information security. In this webinar, our colleague Mr. Ralf Zlamal presents tools you can use to accomplish this in day-to-day operations.
Authority: 50 Questions on Data Protection
The Thuringian State Commissioner for Data Protection and Freedom of Information, together with the Chamber of Industry and Commerce (IHK), has compiled a “Data Protection FAQ List.” It addresses the roughly 50 most frequently asked questions companies have about data protection. We go through the list in detail and explain—using the Data Protection Kit—how you can address the legal requirements simply and pragmatically with our tools.
Promotional Use of Contact Data
In this webinar, we explain the legally compliant handling of contact data and outline the framework conditions for using data for promotional purposes (including cold outreach).
Video Conferencing Tools
In this webinar, we set out the data protection framework for using video conferencing tools (such as Microsoft Teams, Zoom, Webex, Skype, GoToMeeting, etc.).
Website Tracking: Update Following the BGH Cookie Ruling
In this video, we discuss the data protection framework for using website tracking tools following the ruling of the German Federal Court of Justice (BGH, decision of 28 May 2020). In particular, the following tools are covered: Google Analytics, eTracker, Matomo/Piwik, Google Fonts, Google Maps, Google AdWords Conversion Tracking.
Acquiring New Customers under the GDPR
In this webinar, we explain the data protection requirements to consider when acquiring new customers (especially for email marketing, telephone marketing, using social media platforms, and postal advertising).
Video Surveillance
In this webinar, we present the requirements for introducing video surveillance systems.
Sample Templates
Which sample templates does the data protection tool include for the Record of Processing Activities?
In our GDPR software you will find pre-filled processing activities that you can adapt to your company with just a few clicks. Processing activities are available in particular for the following areas:
Sample documents: pre-filled processing activities as templates within the records of processing activities!
Processing activities are available for the following areas and can generally be used with minimal adjustments:
- User provisioning in IT systems
- Procurement and purchasing
- Applicant management
- Service provider management
- Staff scheduling
- Document management / archiving
- Electronic payments
- Email use
- Internet use
- Customer support
- Personnel file
- Travel expense reimbursement
- Telecommunications system (PBX)
- Video surveillance
- Website contact form
- Website tracking
- Time & attendance tracking
How the Ordering Process Works at IITR
Order
You place an order for a Data Protection Kit with us.
Contract Finalization
We send your contract to you by email. You sign it and return it to us. After that, you receive the invoice.
Processing
After we receive payment, we create your account for the GDPR software and ship the Leitz folder (including the countersigned contract, certificate, and promotional sticker). You will receive the login details from us by email.
Use
You can now edit the stored templates and sample texts for various data protection topics in the Data Protection Tool. A video introduction to using the tool is available after login or via this link.
Request a quote now
1. Company size
Number of screen workstations:
FAQs Privacy Kit
We are happy to answer your questions
We will inform you about all relevant changes in data protection in our newsletter. We also offer our clients regular webinars on current data protection topics at no additional cost. You can view these again later in the Privacy Kit.
Benefit from the advantages of an external data protection officer:
- No limitation of liability as with the "internal" data protection officer
- No additional insurance required
- No initial training necessary
- No costs for ongoing training
- Regular terminability in contrast to the internal data protection officer
- Cost and effort optimization especially for small and medium-sized companies
With our data Privacy Kit with a one-year contract period, the contract is automatically extended by one year each time if the contract is not terminated in due time.
The Privacy Kit itself does not contain a consulting quota. If you are interested, our data protection experts will be happy to advise you on your request by e-mail or telephone for an additional charge. The costs are 180 Euro per hour plus VAT.
Yes, the Privacy Kit includes the appointment of an external data protection officer for your company at no extra charge.
Customers of the Privacy Kit are welcome to display it on the website or on flyers. In this way you can show your customers that you take data protection seriously and implement the EU GDPR. We will provide you with an appropriate logo for this purpose.
You have to appoint an internal or external data protection officer if twenty or more employees in your company are entrusted with electronic data processing (e.g. if more than twenty employees work on a PC). You may also be obliged to appoint a DPO if your company is subject to a special case under Article 37 of the EU General Data Protection Regulation.
If you successfully recommend the Privacy Kit as a customer, you will receive a one-time discount of 95 Euro (plus VAT) per recommendation on your next invoice. Please use the field "Referral" in the order form for a correct assignment.