Privacy Kit: Data Protection Management System for the EU GDPR

Cost-effective complete solution for smaller companies and organizations
Incl. EU GDPR software & external data protection officer
Incl. online trainings & free webinars

  • haekchen

    From €32,50

    per month plus VAT
    (billed annually)

  • haekchen



The Privacy Kit will guide you through the EU GDPR easily and in an organized manner.

Privacy Kit – Our offers

Privacy Kit

„Full flexibility“

1 Year
minimum contract period

€ 590 / per year plus VAT.

Privacy Kit

„Cost-effective data protection“

3 Years
minimum contract period

€ 390 / per year plus VAT.
(Billing in advance for 3 years)


Hosted in Germany Signet

What does the Privacy Kit contain?

  • Access to our EU GDPR software
  • Numerous sample templates
  • Version controlled management of your documents
  • Appointment of an external data protection officer
  • Folder with all documents and templates
  • Individual eLearning trainings for your employees
  • Additional free webinars every 6-8 weeks
  • Newsletter with current changes in data protection
  • Advertising material

EU GDPR Software? Just test it!


Privacy Kit - These are your advantages at IITR

We offer you an optimal service for the implementation of the EU General Data Protection Regulation:

  • Free webinars every 6-8 weeks
  • Available languages: all documents in the Privacy Kit in English and German
  • Ongoing updates
  • Competent contact persons
  • Discount for recommendations

Our Privacy Kit - This is how it is structured:

compliance kit features pic

Incl. files with explanatory documents

datenschutz kit ordner

Certification status

See if your company has satisfied all necessary requirements for certification. The audit is performed by the independent IITR Cert GmbH.

Version control

Changes to your documents are saved in accordance with the statutory requirement by means of version control so that they can trace any changes.

Easy to use

The Privacy Kit provides you with all necessary documents as templates. Any documents that your company already has can be added.



Choice of language

Contents are available in English and German.


Access to data protection training for your employees. Employee training is a meaningful requirement under the EU GDPR.

compliance kit features elearing

The data protection guideline

The general regulation requires that small companies to create a data protection guideline, which sets down in writing how your company handles data protection.

Overview of all required documents

Maintain an overview of the current processing status of the documents required under EU GDPR, e.g., data processing contracts or procedure registers.

Data protection webinars

Take part in data protection webinars on a regular basis and rewatch the videos anytime in the Data Protection Kit.

Privacy Kit - These topics are covered

We cover these topics of the EU GDPR with our Privacy Kit:

  • Data protection guideline for your company
  • Records of processing activities
  • Processor Agreements
  • IT Security
  • Rights of data subjects
  • Website Privacy Policy
  • Privacy Impact Assessment
  • Data Breach Reporting
  • Awareness Trainings for employees
  • Annual Privacy Review

Webinar series on data protection: Stay up to date

As a user of the Data Protection Kit, you receive free access to our webinars that are held every six to eight weeks. These online data protection seminars are live events that take place at scheduled times. Feel free to take advantage of these webinars to pose questions to our speakers. All webinars are subsequently available as on-demand videos in the Data Protection Kit. The videos all have time stamps with keywords so you can easily rewatch specific sections.

On the one hand, the webinars elaborate on the functions of the Data Protection Kit in more depth – with a focus on the fundamental aspects that must be taken into account to ensure GDPR compliance. On the other hand, the online seminars address a wide range of special topics on data protection (e.g., home office, website tracking, fines, and much more).

This additional offering is intended for all users of the Data Protection Kit. It offers sound support and the opportunity to further enhance your existing knowledge.

Datenschutz-Webinare jederzeit abrufbar im Datenschutz-Kit

Webinar content on data protection

Webinars on the following data protection topics are available in our webinar database:

Instructional webinars

Reporting data breaches

The webinar explains the conditions under which a violation of the protection of personal data must be reported to the data protection supervisory authority and, if applicable, to the data subject.

IT security and data protection

The webinar elaborates on which minimum IT standards should be met under the EU General Data Protection Regulation.

Data Protection Impact Assessment

The webinar discusses the requirements that need to be taken into account when conducting detailed testing of new processing systems that entail special risks for data subjects.

Handling requests for information

The webinar explains the proper procedure to follow when data subjects assert their rights (information, correction, deletion, restriction and data portability). We do this using the templates in the Data Protection Kit.

Information Security Checklist

Using as our basis the Bavarian Data Protection Authority’s checklist for “Good practices when implementing technical and organizational measures,” we examine in detail the recommendations regarding the minimum standards for IT systems. We discuss the IT requirements that companies – from the Data Protection Authority’s perspective – should comply with.

Website Data Protection Statement and information for data subjects

The webinar explains what information needs to be included in your Website Data Protection Statement.

Directory of processing activities

The webinar explains how to document your processing activities pursuant to the EU General Data Protection Regulation.

Outsourced data processing – in practice

The webinar addresses the issue of hiring third-party providers (i.e., lettershops, external hosting, call centers) to process personal data (“outsourced data processing”).

Review your own data protection status

The video explains how to review your own data protection status or have it reviewed by us and also discusses which IT security measures you should particularly observe.


Special topics on data protection

Home office and data protection

The webinar discusses the data protection requirements for home offices (in particular, from the standpoint of IT security).

Update on fines issued by the supervisory authorities

The webinar examines the factors taken into account by the data protection supervisory authorities when determining fines and looks at the fines currently in place (in particular, for web tracking, data subject rights, and IT security).

Video surveillance

The webinar discusses the requirements to heed when introducing video surveillance systems.

The audit practice of the data protection supervisory authorities

The webinar focuses on “the audit practice of the data protection supervisory authorities.”

Management Information Security

It is of central importance for companies of all sizes to position themselves professionally in the area of information security. In the webinar, our colleague, Mr. Ralf Zlamal, presents various ways to do this and provides tools to help you accomplish this on a daily basis.

Using contact data for advertising purposes

The webinar explains how to handle contact data in a GDPR-compliant manner and provides guidelines on using data for advertising purposes (also with regard to cold calling).

Video conference tools

The webinar explains how to use video conference tools in a GDPR-compliant manner (such as Microsoft Teams, Zoom, Webex, Skype, GoToMeeting, etc.).

Website tracking: An update following the decision of the German Federal Court of Justice regarding cookies

The video discusses how to use website tracking tools in a GDPR-compliant manner following the decision of the German Federal Court of Justice (decision of May 28, 2020). In particular, the following tools are addressed: Google Analytics, eTracker, Matomo/Piwik, Google Fonts, Google Maps, Google AdWords Conversion Tracking.

Privacy Shield: European Court of Justice

In this Webinar we discuss the decision of the European Court of Justice on the validity of "Privacy Shield". We provide specific recommendations on what to do in practice to implement the decision in practice (especially when using web based services of US providers).


What templates does the data protection tool contain for the list of processing activities?

In our EU GDPR software you will find prefilled templates which you can adapt for your company with just a few clicks. Templates are available for the following areas in particular:

Templates: prefilled documents for the description of your records of processing activities!

Templates for the following areas are available and can usually be used with minimal adjustments:

- New User accounts for IT systems
- Procurement and purchasing
- Candidate management
- Service provider support
- Document Management / Archiving

- Electronic payments
- E-mail usage
- Internet usage
- Customer support
- Personnel file
- Travel expense accounting

- Video surveillance
- Website contact form
- Website tracking
- Time/attendance recording

This is how the IITR ordering process works

Kundenberater Icon

1. You order a Privacy Kit from us.

Brief Icon

2. We will send you your contract by e-mail, which you sign and return to us. You will then receive the invoice from us.

Lieferwagen Icon

3. After receipt of payment, we will create your account for the EU GDPR software and send you the folder (including countersigned contract, certificate and advertising sticker). You will receive the login data by e-mail from us.

PC Icon

4. Now you can edit the stored templates and sample texts on the various data protection topics in the data protection tool. You will find a video introduction to the operation after logging in or under this link.

FAQs Privacy Kit

Will I be regularly informed about new topics in data protection?

We will inform you about all relevant changes in data protection in our newsletter. We also offer our clients regular webinars on current data protection topics at no additional cost. You can view these again later in the Privacy Kit.

Is there a minimum contract duration?

With our data Privacy Kit with a one-year contract period, the contract is automatically extended by one year each time if the contract is not terminated in due time.

Is the appointment of a data protection officer included in the Privacy Kit?

Yes, the Privacy Kit includes the appointment of an external data protection officer for your company at no extra charge.

When does a company need a data protection officer?

You have to appoint an internal or external data protection officer if twenty or more employees in your company are entrusted with electronic data processing (e.g. if more than twenty employees work on a PC). You may also be obliged to appoint a DPO if your company is subject to a special case under Article 37 of the EU General Data Protection Regulation.

What are the advantages of an "external" data protection officer?

Benefit from the advantages of an external data protection officer:

• No limitation of liability as with the "internal" data protection officer
• No additional insurance required
• No initial training necessary
• No costs for ongoing training
• Regular terminability in contrast to the internal data protection officer
• Cost and effort optimization especially for small and medium-sized companies

Does the Privacy Kit also include individual consulting services?

The Privacy Kit itself does not contain a consulting quota. If you are interested, our data protection experts will be happy to advise you on your request by e-mail or telephone for an additional charge. The costs are 180 Euro per hour plus VAT.

Can I use my Privacy Kit for advertisement?

Customers of the Privacy Kit are welcome to display it on the website or on flyers. In this way you can show your customers that you take data protection seriously and implement the EU GDPR. We will provide you with an appropriate logo for this purpose.

How do I benefit from a recommendation?

If you successfully recommend the Privacy Kit as a customer, you will receive a one-time discount of 95 Euro (plus VAT) per recommendation on your next invoice. Please use the field "Referral" in the order form for a correct assignment.

Stay up to date.

Subscribe to our free newsletter and get
the latest news on data protection.