nationwide | digital | remote

Data protection is not your favourite topic? - We help you out!

We support companies in implementing the requirements of the GDPR - digital, simple and at fixed conditions.

Consulting, Software & Academy - all from one source

Data protection consulting

Are you looking for a (new) data protection officer? Personal consulting, ongoing support and process optimization included? We take care of your concerns - quickly and straightforwardly.


Privacy Software

Avoid friction losses, reduce administrative costs - software can support the process optimization of your data protection and compliance processes. Whether for the operation of DSGVO-compliant websites or for the implementation of the Whistleblower Protection Act - contact us!

GDPR Academy

Reduce complexity, establish automations in the data protection process for your company - we have bundled our knowledge from 10 years of data protection consulting in our GDPR Academy, our digital assistance accompanies you step by step through the data protection project

What defines us as a consulting service provider


Flat rates

Binding project budgets and flat-rate packages ensure transparency in cooperation


Full Service

Our data protection services are customized to your requirements


Years of experience

We support you with the combined experience of 10 years in the industry and over 500 successful data protection projects


Legal Team

Our team consists of lawyers and TÜV-certified data protection officers


Tech Team

The IT specialists in our team develop industry-leading software and tools in the data protection area.


Process optimisation

Freely according to the motto: as much as necessary, as little as possible

What we do

Data Protection as a Service

Every company is unique, but the pain points of the GDPR are similar in many organizations. Our data protection consultants use our experience from the practical implementation and application of the GDPR to provide our clients with efficient data protection management - from answering individual questions to appointing the external data protection officer.

Cortina Consult has been advising companies on the BDSG and DSGVO for more than ten years. We advise both strategically and actively on the implementation of necessary data protection measures.

Nationwide Consulting - remote or on site

We support you in the following cities and the associated regions (remote and/or on-site), among others:

Berlin, Munich, Hamburg, Münster, Düsseldorf, Cologne, Frankfurt, Leipzig, Dortmund, Bochum, Bielefeld, Bonn, Bremen, Essen, Freiburg, Hannover, Osnabrück, Oldenburg, Würzburg, Dresden, Stuttgart and more...


Sprechen Sie uns an.

Wir beraten Sie gerne

+49 251 95 20 37 - 40


Ihr Ansprechpartner

Jörg ter Beek
+49 251 95 20 37 - 40
[email protected]

Your Data Protection Officer

Jörg ter Beek

  • Ten years of practical experience
  • TÜV-certified data protection officer
  • ISMS-Auditor
  • Expertise in data protection consulting and IT security

For more information on Jörg ter Beek, visit his XING or LinkedIn profile.


Frequently asked questions about the external data protection officer

When does a company need a data protection officer?

Regardless of the number of employees, you must appoint a data protection officer if particularly sensitive data (e.g. health data) is processed or if the core activity of your company is the collection, processing and use of personal data.

At which staff size is a data protection officer necessary?

If your company has at least 20 employees regularly involved in automated data processing, you are required to appoint a data protection officer.

What is a data protection officer (not) allowed to do?

The law specifies requirements for cooperation between the DPO and data controllers. According to Art. 38/39 of the GDPR, data controllers must properly involve the DPO in all data protection issues at an early stage and provide him with all resources and access necessary to fulfill his duties.

Freedom from instructions

The DPO is free from instructions in this regard, but is not authorized to issue instructions. This means that the data controller may not issue any instructions to the DPO and the DPO may not issue any instructions to the data controller either. The DPO provides recommendations for action or advice with which the legal requirements can be met. He is an advisor, not a decision-maker.


The data protection officer undertakes to maintain secrecy or confidentiality and may not disclose any internal information or data relating to individuals.

What is the monthly cost of data protection consulting?

To avoid unexpected costs, we emphasize transparency and offer our services in flat-rate subscription packages. If you are not sure which package is right for you, let us find out together in a short phone call.

What happens if no data protection officer has been appointed?

The failure to appoint a data protection officer is a violation of the EU GDPR (Art. 37) and can be extremely expensive. High fines of up to 10 million euros or 2 percent of the previous year's turnover may be imposed.

With the introduction of the General Data Protection Regulation (GDPR), we as a company were faced with major challenges. With Cortina Consult we got a welcome and professional support and the complex data protection law became a piece of cake.

Marcel Baldsiefen, Holz Richter GmbH

My experience with Cortina Consult has been very positive. The requirements of the GDPR were implemented in a practical way - and with an appropriate budget - for our company. In short: I feel I received honest and competent advice.

Julian Hilger, Hilltop Consulting GmbH

Usercentrics' Cookie & Consent Management helps us to be GDPR compliant while achieving high opt-in rates. In this way, we can handle sensitive data in a legally compliant manner and still conduct targeted marketing.

Johanne Schwensen, It´s Complicated

Our certificates