nationwide | digital | remote

Data protection is not your favourite topic? - We help you out!

We support companies in implementing the requirements of the GDPR - digital, simple and at fixed conditions.

Data Protection Officer (DPO)

TÜV-certified data protection officers - all inclusive at fixed rates.

Data protection consulting

360° GDPR: over 100 successful data protection projects - use our expertise to your advantage

Cookie Consent Management

Consulting, Design, Marketing – professional services and smart products for your website & eCommerce

What we do

Data Protection as a Service

Every company is unique, but the pain points of the GDPR are similar in many organizations. Our data protection consultants use our experience from the practical implementation and application of the GDPR to provide our clients with efficient data protection management - from answering individual questions to appointing the external data protection officer.

Cortina Consult has been advising companies on the BDSG and DSGVO for more than ten years. We advise both strategically and actively on the implementation of necessary data protection measures.

Nationwide Consulting - remote or on site

We support you in the following cities and the associated regions (remote and/or on-site), among others:

Berlin, Munich, Hamburg, Münster, Düsseldorf, Cologne, Frankfurt, Leipzig, Dortmund, Bochum, Bielefeld, Bonn, Bremen, Essen, Freiburg, Hannover, Osnabrück, Oldenburg, Würzburg, Dresden, Stuttgart and more...


Sprechen Sie uns an.

Wir beraten Sie gerne

+49 251 95 20 37 - 40


Ihr Ansprechpartner

Jörg ter Beek
+49 251 95 20 37 - 40
[email protected]

Your Data Protection Officer

Jörg ter Beek

  • Ten years of practical experience
  • TÜV-certified data protection officer
  • ISMS-Auditor
  • Expertise in data protection consulting and IT security

For more information on Jörg ter Beek, visit his XING or LinkedIn profile.


Frequently asked questions about the external data protection officer

When does a company need a data protection officer?

Regardless of the number of employees, you must appoint a data protection officer if particularly sensitive data (e.g. health data) is processed or if the core activity of your company is the collection, processing and use of personal data.

At which staff size is a data protection officer necessary?

If your company has at least 20 employees regularly involved in automated data processing, you are required to appoint a data protection officer.

What is a data protection officer (not) allowed to do?

The law specifies requirements for cooperation between the DPO and data controllers. According to Art. 38/39 of the GDPR, data controllers must properly involve the DPO in all data protection issues at an early stage and provide him with all resources and access necessary to fulfill his duties.

Freedom from instructions

The DPO is free from instructions in this regard, but is not authorized to issue instructions. This means that the data controller may not issue any instructions to the DPO and the DPO may not issue any instructions to the data controller either. The DPO provides recommendations for action or advice with which the legal requirements can be met. He is an advisor, not a decision-maker.


The data protection officer undertakes to maintain secrecy or confidentiality and may not disclose any internal information or data relating to individuals.

What is the monthly cost of data protection consulting?

To avoid unexpected costs, we emphasize transparency and offer our services in flat-rate subscription packages. If you are not sure which package is right for you, let us find out together in a short phone call.

What happens if no data protection officer has been appointed?

The failure to appoint a data protection officer is a violation of the EU GDPR (Art. 37) and can be extremely expensive. High fines of up to 10 million euros or 2 percent of the previous year's turnover may be imposed.

External data protection officers at a fixed rates

Competent & cost-efficient: You want to appoint a data protection officer? Discover our DPO packages.

With the introduction of the General Data Protection Regulation (GDPR), we as a company were faced with major challenges. With Cortina Consult we got a welcome and professional support and the complex data protection law became a piece of cake.

Marcel Baldsiefen, Holz Richter GmbH

My experience with Cortina Consult has been very positive. The requirements of the GDPR were implemented in a practical way - and with an appropriate budget - for our company. In short: I feel I received honest and competent advice.

Julian Hilger, Hilltop Consulting GmbH

Usercentrics' Cookie & Consent Management helps us to be GDPR compliant while achieving high opt-in rates. In this way, we can handle sensitive data in a legally compliant manner and still conduct targeted marketing.

Johanne Schwensen, It´s Complicated


The data protection newsletter

Stay up-to-date, register now for data protection news worth reading

* Mandatory.
By registering, you agree to receive the Cortina Legal update with Mailchimp as well as to the interest analysis by evaluating individual opening and click rates. For your and our security, we will send you an email with a confirmation link in advance (so-called double opt-in); the registration only becomes active when you click on this link. In this way, we ensure that no unauthorized person can register you in our newsletter system. You can revoke your consent at any time with effect for the future and without giving reasons; e.g. by clicking on the unsubscribe link at the end of each newsletter. You can find more information about the processing of your data in our privacy policy.

Our certificates