GDPR & Data protection
Data protection is not optional.
The basics of the GDPR
What you get
Data Audit
We do an audit: What data does your website collect? Which tools are installed? Who has access? Where is the data stored? Companies often don't understand how much data they collect.
Data Protection Declaration & Privacy Policy
We write data protection declarations that are legally correct but also understandable for normal people. With all the tools you use, your data flows, and the rights of the users.
Consent Management System
Non-essential cookies require consent. We implement: a transparently designed cookie banner, clearly differentiated categories, the option to revoke consent later, documentation of who gave consent and when.
GDPR-compliant tool configuration
Google Analytics: IP anonymization, user data only updated with consent, retention period, agreements. Google Ads: Conversion tracking without personal data, audience sync with consent. Facebook/Meta Pixel: Only with consent, cookie policy updated. CRM: Only necessary data, clear agreements, deletion policy.
Data security & Protective measures
Encryption, access control, backups, incident response plan. That's not paranoid - that's standard security.
User rights management
We set up processes so that you can respond to requests. Right to Access, Right to Rectification, Right to Erasure, Right to Data Portability, Right to Object.
Documentation & Governance
You get clear documentation. What data do you collect? Where does it go? How long is it stored? How do you protect it? This isn't paperwork to file away in a drawer; it is for real compliance.
Regular Compliance Reviews
Data protection is not a one-time task. As new tools are added or regulations change, we adapt.
Our process
Phase 1
Audit & Analysis
We understand your company, your data flows, your tools, your risks.
Phase 2
Strategy development
Based on the audit, we develop a data protection plan. What do we need to implement?
Phase 3
Roadmap & Prioritization
What are the most critical problems? Where can we get quick wins?
Phase 4
Implementation support
We implement the measures. Consent management, tool configuration, documentation.
Phase 5
Review & Adaptation
We regularly check that you remain compliant.
Who is this ideal for?
E-Commerce
Customer data and order history are sensitive. Data protection is a conversion booster – customers trust you.
B2B & Enterprise
Often more complex data flows between different systems. Data processing agreements with customers/partners must be correct.
SaaS & Apps
User data is at the heart of it. Data storage, encryption and backups are critical.
Nonprofits & Charities
Donor data is very sensitive. Specific data protection requirements, transparency is important.
How much does it cost?
GDPR Audit + Documentation
2,000-4,000 EUR
Full analysis, data protection declaration, privacy policy, recommendations.
Consent Management System Setup
1,500-3,000 EUR
Cookie banner, consent management platform, integration with tools.
Full GDPR compliance
5,000-12,000 EUR
All of the above plus tool configuration, data security measures, governance documentation.
Ongoing Compliance & Support
300-800 EUR/month
Monitoring, new tools integration, compliance reviews, user inquiry handling.
Why digitalists?
Project Manager = Developer
The guy who understands your data protection is also the guy who configures the tools. This prevents gaps between compliance and implementation.
Individual concepts
No standard cookie banners. We build data protection for your company and your tools.
Everything from a single source
Audit, compliance planning, implementation, tool configuration, ongoing monitoring – everything comes from us.
Experience since 2018
We have made many companies GDPR compliant. We know what works.
FAQs
We have a cookie banner - are we GDPR compliant?
A cookie banner is one part, but not everything. You also need to: configure your tools, update your privacy policy, document your data flows, implement security measures.
Can we use Google Analytics in a GDPR-compliant manner?
Yes, but only if you have configured it correctly and your users have agreed. IP anonymization, consent management, data protection declaration – everything has to be right.
What happens if we are not GDPR compliant?
Fines of up to 4% of your global turnover. But more importantly: trust. If users notice that you don't protect their data, they won't trust you.
How often do we need to check compliance?
At least annually. Or when new tools are added or regulations change.