Data Protection Services at KINAST

Data Protection Auditor

A Data Protection Auditor plays a crucial role for companies that intend to have their current level of data protection verified and ascertained. The aim is to ensure that the audited company processes personal data in accordance with the applicable data protection laws, in particular the GDPR, and thus complies with the required level of data protection.

Top 5 Law Firm in Germany

What is a Data Protection Auditor?

A data protection management system, or also data protection concept in more abstract terms, that complies with the legal and data protection requirements is essential for companies. The Data Protection Auditor verifies the quality and effectiveness of such a system through regular data protection audits, identifies ways to optimize it or defines necessary measures to reach data protection compliance and provides professional support for its implementation.

The role of a Data Protection Auditor can be held by various professionals. These include: DPOs, management officers, IT security officers or executives. The special qualification stems from in-depth knowledge of the GDPR.

How do we carry out a data protection audit?

The data protection audits offered by us are carried out either on-site or remotely, with the help of various questionnaires and e-mails, as well as supplementary telephone conversations with contact persons from the management and various other departments (e.g., finance, marketing, facility, HR, IT).

This provides a fully comprehensive overview of a company’s data protection status. Based on this and the information provided in the process, we prepare an individual report to illustrate the degree of compliance with data protection requirements.

In addition, we evaluate any deficits, propose corresponding measures to eliminate or reduce them, as well as define responsibilities and propose a timetable for implementing these measures.

Finally, we also prepare an action plan that complements the audit report and briefly formulates the specific measures and to-dos that should be taken. Our support extends not only to the duration of the audit, but also beyond. In this respect, we assist our clients in word and deed during the implementation of the audit report and the concrete measures.

Kinast Data Protection Auditor

Our Consultation Process

Introduction of your company and KINAST as well as the relevant contact persons. Discussion of the current data protection setup and most important data protection topics.

We conduct data protection audit on-site or based on questionnaires to evaluate the current data protection status of your company.

Document the current data protection status and define further required actions if necessary.

We carry out all necessary measures identified during the data protection audit.

Designation as External data protection officer and on-going consultation starting from day 1.

Data Protection Auditor
Data Protection Auditor - KINAST Attorneys at Law
Data Protection Auditor - KINAST Legal Consultation
Data Protection

What makes KINAST the best choice for your Data Protection Audit?

Due to the increased fines, the obligation to report to authorities and potential loss of reputation, it is becoming increasingly important for companies to obtain knowledgable and legally correct advice on Data Protection Law. Based on our qualifications and our proven audit concept, we garuantee future proof data protection for your company.


We are an experienced team of lawyers with many years of experience and knowledge in data protection law, data security and as DPOs.

Practical experience

Due to many years of practical experience we know companies "from the inside". In colloquial terms, you should be able to "live what we advise".

IT affinity

Regardless of existing or new IT systems, our attorneys have a profound technical understanding and advise you accordingly.

Cost transparency

We work on the basis of fixed hourly contingents, keeping pricing simple and managable.

Guaranteed legality

We are not only outstanding data protector officers, but also experienced lawyers.

Individual solutions

We do not work "off the peg", but offer tailor-made concepts, specifically for your business.

Efficient organisation und communication

Our soluitions lay high priority on open communication, transparent project management and defined goals.

Drafting of legal documents

We draft guidelines, work instructions, operating and service agreements, declarations of consent and commitment, lists of procedures and contracts on a daily business.

Personality and continuity

We do not provide you with just any resource, but with the right colleague for you – permanently and without unpleasant changes.

Let's start your data protection audit together

A data protection audit can be a complicated task, but our experienced lawyers and data protection auditors are ready to help you every step of the way. With many years of hands on experience, we’ve audited companies of all sizes and from all industries. At KINAST, we guarantee that your company is in safe hands. So why not contact us today for a free, no obligation consultation?

Send this page to a colleague?


Frequently asked questions

We understand that many clients still have questions about how a Data Protection Auditor can help you with the audit process. We’ve answered some of the most frequently asked questions here. If you have more specific or specialist questions, feel free to contact us, and one of our Lawyers or Data Protection Auditors will get back to you as soon as possible.

The timeframe of our audits depends on a few different factors. Generally, the timeframe for the compilation of the information is 1-2 months for a remote audit, and 1-2 days for an on-site audit, of course depending on the quality and timeframe of the information and responses we receive. The draft and finalization of the audit report and action plan generally takes up to 3 months after the on-site audit or the collection of information for a remote audit is completed.

The responsibility of the implementation lies, due to the Auditor being an advisory role, with the controller. We do, however, support where requested and necessary by helping with drafting of indispensable templates, processes and policies as well as reviewing these measures to ensure that the implementation is data protection compliant from the very beginning.


The audit report captures the status quo we have assessed during our audit and compares it to the data protection requirements for the different topics in question. This means that our reports are very detailed, presented in an easily readable format and ensure that you get the full overview of what is currently in place in your organization. Likewise, we include a detailed an clear definitition of required measures and why they’re necessary. Most importantly, the report is to be considered a living document. It will get updated and amended as your organization progresses through the implementation period.

Ask us for a quote

Please provide our team with a few details about your company. This makes it easier for us to assign the correct expert for your needs

Let's talk

Simply leave your details here and one of our lawyers or data protection experts will get back to you as soon as possible.

Media enquiries

Simply leave your details here and one of our marketing team will get back to you soon.

Partnership enquiries

Simply leave your details here and one of our marketing team will get back to you soon.