External data protection officer

A certified DPO — without tying up internal resources.

Phishgate puts an experienced external data protection officer at your side — with a clear scope, transparent flat fee and direct access.

Typical situations where we step in

At this size a DPO is often legally required. We take care of registration, setup and ongoing operation.

We act as the appointed DPO, provide documentation and answer audit questions directly.

We structure the incident report to the supervisory authority and accompany the follow-up.

We take over quickly, translate existing documentation and continue operations cleanly.

We take care of the official appointment with the responsible supervisory authority.

Building, maintaining and annually reviewing your RoPA — with ready-to-use templates.

Mandatory employee trainings on data-protection basics and phishing — online or on-site.

We assess high-risk processing and run DPIAs under Article 35 GDPR.

Review and drafting of data processing agreements with your service providers.

Direct email hotline for your employees' data-protection questions — with SLA.

We price by headcount and complexity — no hidden extras. You get a concrete proposal after a short scoping call.

Do we even need a DPO?: Once 20+ employees handle personal data, or if you run high-risk processing, a DPO is usually required. We'll assess this during a free first call.
How quickly can you start?: Typically within 10 business days after contracting — including official registration.
Do you work nationwide?: Yes. Our team works remote-first and travels to the Rhein-Main region when needed.
What does it cost?: Depends on headcount, industry and existing documentation. Packages start at €390 / month.

No sales pitch. We'll clarify whether you need an external DPO — and if so, what they should do in your setup.

Newsletter

A short monthly newsletter with new pieces, trends and awareness tips. No spam, unsubscribe anytime.