
Privacy Kit
- Complete solution for start-ups and smaller companies
- EU GDPR software
- External data protection officer
- Online trainings & free webinars
Our solutions
1 year term
Full flexibility
49 €/month
- Appointment of data protection officer
- GDPR Software
- Training Webinars
- 3 e-learning modules
3 years term
Cost-effective data protection
€32.50/month
- Appointment of data protection officer
- GDPR Software
- Training Webinars
- 3 e-learning modules
Privacy Kit - An overview
Privacy Kit - These are your advantages at IITR
We offer you an optimal service for the implementation of the EU General Data Protection Regulation:
- Free webinars every 6-8 weeks
- Competent contact persons
- Ongoing updates
- Competent contact persons
- Discount for recommendations
What does the Privacy Kit contain?
- Access to our EU GDPR software
- Numerous sample templates
- Version controlled management of your documents
- Appointment of an external data protection officer
- Folder with all documents and templates
- Individual eLearning trainings for your employees
- Additional free webinars every 6-8 weeks
- Newsletter with current changes in data protection
- Advertising material
EU GDPR Software? Just test it!
Request a free demo video:

Privacy Kit - These are your advantages at IITR
We offer you an optimal service for the implementation of the EU General Data Protection Regulation:

- Free webinars every 6-8 weeks
- Available languages: all documents in the Privacy Kit in English and German
- Ongoing updates
- Competent contact persons
- Discount for recommendations
Our Privacy Kit - This is how it is structured:

Incl. files with explanatory documents

Certification status
See if your company has satisfied all necessary requirements for certification. The audit is performed by the independent IITR Cert GmbH.
Version control
Changes to your documents are saved in accordance with the statutory requirement by means of version control so that they can trace any changes.
Easy to use
The Privacy Kit provides you with all necessary documents as templates. Any documents that your company already has can be added.
Choice of language
Contents are available in English and German.
eLearning
Access to data protection training for your employees. Employee training is a meaningful requirement under the EU GDPR.

The data protection guideline
The general regulation requires that small companies to create a data protection guideline, which sets down in writing how your company handles data protection.
Overview of all required documents
Maintain an overview of the current processing status of the documents required under EU GDPR, e.g., data processing contracts or procedure registers.
Data protection webinars
Take part in data protection webinars on a regular basis and rewatch the videos anytime in the Data Protection Kit.
Privacy Kit - These topics are covered
We cover these topics of the EU GDPR with our Privacy Kit:
- Data protection guideline for your company
- Records of processing activities
- Processor Agreements
- IT Security
- Rights of data subjects
- Website Privacy Policy
- Privacy Impact Assessment
- Data Breach Reporting
- Awareness Trainings for employees
- Annual Privacy Review
Webinar series on data protection: Stay up to date
As a user of the Data Protection Kit, you receive free access to our webinars that are held every six to eight weeks. These online data protection seminars are live events that take place at scheduled times. Feel free to take advantage of these webinars to pose questions to our speakers. All webinars are subsequently available as on-demand videos in the Data Protection Kit. The videos all have time stamps with keywords so you can easily rewatch specific sections.
On the one hand, the webinars elaborate on the functions of the Data Protection Kit in more depth – with a focus on the fundamental aspects that must be taken into account to ensure GDPR compliance. On the other hand, the online seminars address a wide range of special topics on data protection (e.g., home office, website tracking, fines, and much more).
This additional offering is intended for all users of the Data Protection Kit. It offers sound support and the opportunity to further enhance your existing knowledge.
Webinar content on data protection
Webinars on the following data protection topics are available in our webinar database:
Instructional webinars
Reporting data breaches
The webinar explains the conditions under which a violation of the protection of personal data must be reported to the data protection supervisory authority and, if applicable, to the data subject.
IT security and data protection
The webinar elaborates on which minimum IT standards should be met under the EU General Data Protection Regulation.
Data Protection Impact Assessment
The webinar discusses the requirements that need to be taken into account when conducting detailed testing of new processing systems that entail special risks for data subjects.
Handling requests for information
The webinar explains the proper procedure to follow when data subjects assert their rights (information, correction, deletion, restriction and data portability). We do this using the templates in the Data Protection Kit.
Information Security Checklist
Using as our basis the Bavarian Data Protection Authority’s checklist for “Good practices when implementing technical and organizational measures,” we examine in detail the recommendations regarding the minimum standards for IT systems. We discuss the IT requirements that companies – from the Data Protection Authority’s perspective – should comply with.
Website Data Protection Statement and information for data subjects
The webinar explains what information needs to be included in your Website Data Protection Statement.
Directory of processing activities
The webinar explains how to document your processing activities pursuant to the EU General Data Protection Regulation.
Outsourced data processing – in practice
The webinar addresses the issue of hiring third-party providers (i.e., lettershops, external hosting, call centers) to process personal data (“outsourced data processing”).
Review your own data protection status
The video explains how to review your own data protection status or have it reviewed by us and also discusses which IT security measures you should particularly observe.
Special topics on data protection
Home office and data protection
The webinar discusses the data protection requirements for home offices (in particular, from the standpoint of IT security).
Update on fines issued by the supervisory authorities
The webinar examines the factors taken into account by the data protection supervisory authorities when determining fines and looks at the fines currently in place (in particular, for web tracking, data subject rights, and IT security).
Video surveillance
The webinar discusses the requirements to heed when introducing video surveillance systems.
The audit practice of the data protection supervisory authorities
The webinar focuses on “the audit practice of the data protection supervisory authorities.”
Management Information Security
It is of central importance for companies of all sizes to position themselves professionally in the area of information security. In the webinar, our colleague, Mr. Ralf Zlamal, presents various ways to do this and provides tools to help you accomplish this on a daily basis.
Using contact data for advertising purposes
The webinar explains how to handle contact data in a GDPR-compliant manner and provides guidelines on using data for advertising purposes (also with regard to cold calling).
Video conference tools
The webinar explains how to use video conference tools in a GDPR-compliant manner (such as Microsoft Teams, Zoom, Webex, Skype, GoToMeeting, etc.).
Website tracking: An update following the decision of the German Federal Court of Justice regarding cookies
The video discusses how to use website tracking tools in a GDPR-compliant manner following the decision of the German Federal Court of Justice (decision of May 28, 2020). In particular, the following tools are addressed: Google Analytics, eTracker, Matomo/Piwik, Google Fonts, Google Maps, Google AdWords Conversion Tracking.
Privacy Shield: European Court of Justice
In this Webinar we discuss the decision of the European Court of Justice on the validity of "Privacy Shield". We provide specific recommendations on what to do in practice to implement the decision in practice (especially when using web based services of US providers).
What templates does the data protection tool contain for the list of processing activities?
In our EU GDPR software you will find prefilled templates which you can adapt for your company with just a few clicks. Templates are available for the following areas in particular:
Templates: prefilled documents for the description of your records of processing activities!
Templates for the following areas are available and can usually be used with minimal adjustments:
- New User accounts for IT systems
- Procurement and purchasing
- Candidate management
- Service provider support
- Document Management / Archiving
- Electronic payments
- E-mail usage
- Internet usage
- Customer support
- Personnel file
- Travel expense accounting
- PBX
- Video surveillance
- Website contact form
- Website tracking
- Time/attendance recording
This is how the IITR ordering process works
- You order a Privacy Kit from us.
- We will send you your contract by e-mail, which you sign and return to us. You will then receive the invoice from us.
- After receipt of payment, we will create your account for the EU GDPR software and send you the folder (including countersigned contract, certificate and advertising sticker). You will receive the login data by e-mail from us.
- Now you can edit the stored templates and sample texts on the various data protection topics in the data protection tool. You will find a video introduction to the operation after logging in or under this link.
1. Company size
Number of screen workstations:
FAQs Privacy Kit
• No limitation of liability as with the "internal" data protection officer
• No additional insurance required
• No initial training necessary
• No costs for ongoing training
• Regular terminability in contrast to the internal data protection officer
• Cost and effort optimization especially for small and medium-sized companies