Data Protection Law of the Prostestant Church (DSG-EKD)

The data protection law of the Protestant Church in Germany (DSG-EKD) is applied to the data protection within the field of agencies of the Protestant Church, hence in their enterprises and organizations. We function as external data protection commissioner for enterprises and organizations being subordinated to an agency of the Protestant Church, such as administration, hospitals, academies, supporting work, and child and youth welfare services.

Furthermore, we prepare data privacy reports on all questions referring to data protection within the Protestant Church.


Additional services in the field of data protection for the Protestant Church are especially:

  • Implementation of a critical points analysis on data protection with a report being sent to the management
  • Creation of a data protection organization
  • Preparation of a data protection guideline and data protection concept for church enterprises and organizations
  • Preparation of all documents necessary in the field of data protection
  • Implementation of a procedure for information request of affected persons
  • Preparation of a training concept and accomplishment of data protection trainings according to the data protection law of the Protestant Church in Germany
  • Hotline for all questions concerning the Protestant data privacy law
  • Inspection and realization of the demands from an order processing according to § 30 DSG-EKD
  • Inspection of the requirements of the technical-organizational data protection according to § 27 DSG-EKD
  • Realization of the requirements for data protection on the intranet and the internet presence
  • Fulfilment of the conditions of data protection in the field of advertising and public relations
  • Realization of the requirements on data protection in the personnel department
  • Consultation on the realization of data protection in the employee representation
  • Preparation and implementation of data protection audits
  • Preparation of the necessary corporate guidelines on both IT and TC usage, video surveillance, access control, and time recording
  • Data protection compliant realization of paper and data medium destruction
  • Realization of data protection at multifunctional devices, copiers and fax machines
  • Support with the realization of encryption processes for hardware, e-mails and remote data hits via virtual private network
  • Preparation of a guide for the development of a deleting concept
  • All tasks of an external data protection officer (critical points analysis on data protection and constant maintenance)